By: Peter Williams, Practice Leader - IT Infrastructure Mgmt., Bloor Research Posted: 24th July 2008 Copyright Bloor Research © 2008

I gained a more positive view of post-process de-dupe—or rather what I would call ‘partial post-process'—from meeting with virtual tape library (VTL) appliance provider SEPATON last week. Its new DeltaStor de-dupe approach is unique and so deserves a separate review.

De-duplication performed during an initial backup—‘in-line' so called—is typically achieved transparently to any management process by an appliance and (with compression included) can achieve a 20x or more space saving over a standard backup. Applied across the board to every file and system, it typically treats them all just as blocks of data without taking account of file type or content. ‘Post process', which applies de-dupe to a backup only after it is created, initially requires extra space and typically incurs some management overhead; this is not so smart in my book.

SEPATON's DeltaStor is technically ‘post process' but different. Its software examines the backup copy of each individual file and database (‘object') in turn but, uniquely, uses its ContentAware stored intelligence to recognise all the leading vendors' backup and archive output as these embed their own markers. In SEPATON's de-dupe process these markers are extracted before the data is processed.

There then follows a byte-level examination of the whole data stream; from this the de-dupe process (which does not use hashing) creates variable-length output representing anything from 128 bytes to the whole object. "Nobody else does that," said Miklos Sandorfi, SEPATON's CTO, who pointed to a verified 48x space-saving typically being achieved in its VTL output. It still needs additional space but, as Sandorfi explained, far less than you might expect...

Since each backed up file or database is handled as a separate entity, DeltaStor can be set to start work on de-duping the first file as soon as that backup is complete and concurrently with the next file backup, and so on (so effectively only ‘partial post-process'). This also means the minimum amount of output space that has to be pre-allocated is the size of the largest file to be backed up plus the total de-dupe output space (which all de-dupe products need); then remember that DeltaStor's de-dupe space will come out less than half that used by the best in-line de-dupe products. Some files should not be de-duped (for instance already encrypted ones); with DeltaStor's approach the decision whether to de-dupe can be set at the most granular single-file level to further assist space-saving.

So when calculating the overall space saving versus the best in-line solutions, consider: a) the total amount of data to be backed up (typically more for larger enterprises), b) the degree to which further replication is to be applied to the de-duped backups (since with SEPATON these instances will be smaller, which also helps performance especially if some travel over a WAN), c) the effect of some files not being de-duped, and d) how long the data is to be stored accessibly from disk (since the longer it is retained in this near-line de-duped state the bigger the space-saving).

Logically, SEPATON's approach is most attractive to larger enterprises with larger and more complex backup and archiving needs who do not mind a minimal amount of extra management. In exchange SEPATON offers some enterprise-level additions.

For instance, there is a rigorous byte comparison check on data integrity. Sandorfi says that SATA disks have a habit of changing the data without showing an error. (Very nasty if true!). Also, SEPATON's ‘forward differencing' approach reverses the way most de-dupes work. Whereas they use the first instance of data as a reference copy and replace subsequent instances by a pointer, DeltaStor stores the most recent data copy in full form—replacing old and redundant data with pointers. This circumvents two problems: a) a gradual tail-off in backup performance and b) a delay in restoring the most up-to-date data.

In-line solutions that cannot maintain wire-speed will impede initial back-up throughput performance. Although not a like-for-like, SEPATON's VTL appliance does boast up to 34.5TB/hour as well as scalability to 1.6 petabytes of data.

Finally, through its software being aware of the content, SEPATON is working to develop other functionality, for instance to facilitate secure, audited content searches for legal discovery. (But that is for another day.)

Right now the decision for in-line or SEPATON-style partial post-process depends on organisation size and needs. But I still await a convincing argument for standard post process de-dupe.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Williams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 21st July 2008 Copyright Bloor Research © 2008

Textic Limited, the text to speech solutions specialist, recently announced the commercial launch of Talklets, the Web 2.0 service that ‘voice-enables' text-based Web content.

So why should you want to voice-enable your web site? The simple answer is that it adds an extra level of accessibility to the site and further ensures compliance with existing and proposed legislation around the world; but that is only part of the answer.

So which of your visitors can it help?

• It is not designed to support a user who is blind and is dependent on a screen reader to navigate around the operating system and the browser before arriving at your site.
• It is designed for a user who has some vision and can navigate to your site. Once on the site it will require less effort to listen to the text rather than use a screen magnifier or just strain to read the text.
• People with dyslexia can read and navigate around the site but find it difficult to read large quantities of text so will greatly appreciate having articles or product descriptions read out loud.
• Many people who speak English as a second language find spoken English much easier to understand than the written word, this is particularly true if their native language does not use the Latin script.
• Some people with learning difficulties will not be able to read but will be able to understand the spoken word.

Could these visitors use a traditional screen reader? Some of them will; but many of them will not have access to the technology, either because of its cost, or because it has to be installed on a computer and they do not have their own and are not allowed to load the software onto a shared computer in a internet cafe or library. Being able to go to any computer and listen to your site is a much more flexible solution for a great many of these visitors.

When looking at accessibility solutions we should always think of 'dropped kerbs', the sloping kerbs that make it easy for user of wheelchairs to move independently around our towns. As a by-product they make it easier for mothers with buggies, tourists with wheelie suitcases and delivery men with trolleys.

In fact the by-product is much bigger than the specific accessibility benefit.

Who are the 'buggy pushers' of voice-enabled sites?

• People who find it more fun, or trendy, to listen rather than read.
• People who absorb more by listening as well as reading.
• People viewing sites that include images and diagrams, listening to the description whilst looking at the image is much more effective.
• Time-poor visitors can download an MP3 version of pages and then listen to them on the move.

Sites that provide the extra 'voice-enabled' option should experience extra stickiness and that should convert into extra revenue over time.

Textic Talklet technology is unique in this market as it does not require any software to be installed on the client or the server, making it very easy to implement and very easy to use.

The conversion of the text to speech is provided as a Software as a Service (SaaS) by Talklets. Some sophisticated streaming technology provides an excellent response time. The service has been in production trial in a variety of sites over the last six months. When I point at a piece of text the voice normally starts within a second, I am not really aware of having to wait.

Besides the instant speech functionality, Talklets provide some related accessibility features:

• Text zoom
• Altering background colours that can iad people with dyslexia and with certain vision impairments.
• Converting text to MP3 for later listening, this is the one function that a traditional screen reader user might use.

One word of warning: the technology seems to work best when the site content is well structured. Having headings properly set up and paragraphs clearly delineated means the technology can read back coherent chunks of text. A badly structure site may be read in a less than natural way. This is just another reason to ensure your site is well structured.

My recommendation would be to justify Talklets on the accessibility benefits and then to enjoy the extra revenue that will flow from the wider users.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Fran Howarth, Principal Analyst, Quocirca Posted: 18th July 2008 Copyright Quocirca © 2008

Much is written about the increasing burden of regulations faced by organisations, be it specific to a particular industry or cutting across all sectors. But another key challenge faced by organisations is the threat of litigation and one of the fastest growing areas here, in the US at least for now, is that of facing lawsuits related to electronic discovery, also known as e-discovery. E-discovery is the process of producing electronic documents for use as evidence in a lawsuit, which can be information in any format that might be considered relevant to an investigation, with some exceptions, such as information that is considered to be privileged.

In recent years, the number of e-discovery cases has spiralled. Law firm K&L Gates LLP maintains a searchable database of e-discovery cases that includes some 1,000 separate cases in the US alone. The Oklahoma Bar Association estimates that one in 20 US organisations has battled a lawsuit triggered by an e-discovery request, and management consultants Cohasset Associates state that e-discovery costs are the second largest uncontrolled expense for organisations, primarily because they are not prepared. This is exceeded only by healthcare costs. The average amount for complying with an e-discovery request is widely estimated by a variety of sources at around $4 million-but failure to comply can cost many times that amount, as some large corporations have already found.

The processes involved in an e-discovery case are: information management, identification, preservation, collection, processing, review, analysis, production and presentation to a court of law. But the fact of the matter is that organisations produce a colossal amount of information in a wide range of digital formats containing both structured and unstructured data, stored on a wide range of storage systems. Given the vast quantities of information produced and stored by organisations, it is a daunting task to find all of the information needed for evidence. What is required is a good system of information governance.

At the very heart of this is a good records retention policy and management system, covering all data repositories. This requires that organisations undergo a planning exercise, including designation of a cross-functional team with clear responsibilities defined, drawn from all parts of an organisation, including IT, legal and compliance officers, as well as the custodians of all data stores in the organisation. Then organisations need to identify all devices, data stores and applications in use across all devices connected to the network, or held in physical data stores to identify where all documents are created and stored.

Today, a number of technology vendors offer products that help automate information governance requirements, providing transparency over what data is stored in an organisation and where, helping organisations to reduce the risk that information produced is outside the control of the organisation. This will help the organisation to ensure that all of the information it produces is stored according to the policies set and hence is retrievable should it be required to pass a regulatory compliance-related audit, or to more easily be able to produce all of the evidence required as part of an e-discovery request.

Whilst it is true that most of the cases of e-discovery that have come to light to date concern organisations in the US, data is increasingly spread across multiple countries in many organisations, making the process of fulfilling e-discovery requests an even more arduous task. And that throws up another challenge—that of the legality of e-discovery in different jurisdictions. In some countries in Europe, such as England and Wales, the laws are relatively permissive, allowing courts to order the disclosure of information as evidence as long as the demands are not excessive. In others, including France, Germany and Italy, there are as yet no general disclosure laws. In some cases, limited disclosure is allowed, although blocking statutes exist that can make document disclosure illegal and in Germany the workers' council must be involved in all such requests. In Switzerland, e-discovery requests made without the involvement of Swiss officials are regarded as a violation of Swiss sovereignty and can lead to criminal proceedings.

This legal minefield is one that does not look likely to be sorted out any time soon, with only muffled sounds being heard from the EU regarding the possibility of standardising laws across Europe. But organisations cannot afford to be complacent. Many things that start in the US cross over the pond sooner or later and, with e-discovery, it is likely to be sooner. Organisations need to get their houses in order. They should ensure that they have the right information governance tools and processes in place so that when an e-discovery request comes they are in a position to respond without breaking the bank in terms of the costs and the effort involved in complying with demands made.

Regulatory compliance has shown the need for legal officers to be closely involved in setting policies and procedures for organisations to follow, and in ensuring that technology systems chosen to support those processes fully support legal and audit requirements. To prepare for the likelihood that companies will face more e-discovery challenges in the near future, it is imperative that legal resources become even more closely involved and take an active part in the procurement of information governance systems. Expert legal counsel should also be engaged to ensure that organisations do not break laws in specific countries. There never was a better time to be a lawyer, nor to prepare a solid information governance capability.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Fran Howarth (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 15th July 2008 Copyright Bloor Research © 2008

CEN, the European Committee for standardization, recently produced a report CWA 15778:2008 Document Processing for Accessibility. This report provides guidelines on integrating accessibility approaches and workflows within the document management and publishing process rather than as just a specialised additional service.

When it was complete it was realised that the report itself had not been produced to be accessible. One of the team working on the report used his best endeavours to improve the accessibility of the final PDF document, it was a significant improvement but still did not adhere to all the requirements of an accessible PDF. I suggested that this was not really good enough and CEN persuaded Adobe that they should create a fully accessible version. This has been done and will be available soon.

So far so good but it raised a bigger question relating to all the other documents that CEN produces. I would suggest that now this report has been published that CEN itself needs to abide by its findings and be an exemplar to industry. The initial response from the CEN publishing department to this idea is disappointing. They said :

• To make all their documents accessible will be very costly.
• Furthermore, it may even not be just a matter of cost. CEN has standardized on a format of Adobe with its Members because all 30 National Standards Bodiess need to have it. This adds to the problem, CEN cannot easily change their approach.

I am convinced that although both these arguments maybe true today they cannot justify any inertia in moving towards fully accessible documents for all CEN output.

Firstly I find it difficult to believe that there is anything in the Adobe standards used at present that preclude the documents being accessible as well. If there is then I am sure that the NSBs could be quickly persuaded to agree to any required change.

In relation to cost the publishing department needs to understand what the issues are and modify the processes so the cost is minimized. I am sure that CWA 15778:2008 itself will help them in that process. Everything I have seen so far suggest that if accessibility is built into the document creation process that there is very little extra cost, if any, involved.

I recognise that any changes in the process of creating standards will take time to implement but I feel that there is no justification in not moving quickly towards an environment where all documents produced by CEN are accessible.

I have also raised this issue with BSi, the UK standards body. The BSi recently ran a one day workshop on accessibility and during that day it was announced that the BSi board recognised the issue and intend to resolve it. I hope that as part of this process BSi raises the issue with CEN and other standards bodies .

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Williams, Practice Leader - IT Infrastructure Mgmt., Bloor Research Posted: 14th July 2008 Copyright Bloor Research © 2008

Storage de-duplication has the potential to be used in lots of situations—and de-dupe specialist Data Domain is having to work hard to prioritise provision of new features from the opportunities it is seeing.

The starting point is using its NAS-style de-duplication storage appliances which can be installed with minimum disruption to an organisation's existing way of working. This means that, for instance, it carries out an in-line de-dupe transparently within an unchanged backup procedure. The company says this will typically achieve an immediate 20x backup disk saving and requires no management.

So my question is: "Why wouldn't you?" Yes, you have to pay for the de-dupe appliance but the massive disk capacity savings achieved means avoiding future disk drive purchases. In turn this can, for instance, greatly defer the day when your data centre runs out of capacity (space, energy) so it also fits well with a green IT policy.

Data Domain also uses this de-dupe process for a virtual tape library (VTL). The huge disk capacity saving means data can be economically retained on disk—nearline storage—for, perhaps, months before there is a need for it to go into deep tape (or optical) archive. In the meantime it is much more rapidly recoverable and accessible. With the data taking, say, 1/20th the capacity on low cost SATA disk compared with ‘un-deduped’ tape, the economics of disk versus tape is radically altered in disk's favour.

In both cases the data is accessible reasonably fast, so it provides a nearline tier which can be accessed directly for many applications; for instance Data Domain has partnerships with a couple of content search engine providers. Storage content searches are useful as input to discovery as evidence for a compliance court case.

A new Data Domain feature is Retention Lock; this can set a lock on individual files as they are archived so that they cannot be changed in any way for a pre-set period. Since this is open for the IT manager to set or change it is not suited to rigorous SEC-level compliance, but helps ensure good governance since it will firmly block user access. The company also uses a partner to provide encryption. Together these steps show Data Domain making at least tentative moves into accommodating governance, risk and compliance (GRC) needs. A data destruction verifiable delete facility is also planned this year.

In fact de-dupe is equally at home with archiving as with backup, although the nature of archiving means the space saving of, typically 75–80% or 4x, is much lower than for backup; but it's still impressive. Moreover, the process is also helping remove the demarcation between backup and archive systems which, at least longer term, should help simplify the management process.

Further ways this is supported is that sending either a backup or archive copy to a remote location, even travelling over a WAN, is practical. Now add a frequent snapshot capability which sends hardly any data as it only needs to store data tags, and you nearly have continuous data protection (CDP) and a very low-cost disaster recovery (DR) solution. You also obviate any need to physically transport newly-created tapes to a remote secure location—by sending the information over the wire.

All these are possible only because the specially-designed appliance, which draws heavily on CPU performance, achieves the necessary throughput to carry out block- and byte-level de-dupe in-line as the data is received. Any vendor providing only a software solution cannot achieve this throughput—and building an optimised appliance is not an overnight job. The alternative, so-called ‘post-processing’ de-dupe that only works on the already backed-up storage, has very little value in my book, as it needs to allocate more disk space and incurs extra management.

So, notwithstanding the economic downturn and with storage volumes set to continue soaring, Data Domain looks to be sitting pretty right now.

What of the future? Clearly, since applications can already access de-duped nearline storage in real time, there are few technical reasons stopping de-dupe being applied to tier one (even tier zero) storage and saving yet more space—except in considering when to accomplish the de-dupe. (No immediate plans for this I'm told.) What I do know is that Data Domain's own users are thinking outside the (storage) box to pass on their ideas—so some highly original future developments are entirely possible.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Williams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Philip Howard, Research Director - Data Management, Bloor Research Posted: 11th July 2008 Copyright Bloor Research © 2008

Prodiance is one the leading vendors in the spreadsheet management market and, in its last couple of releases, it has added significant new functionality.

To begin with there was eDiscovery, which came out in its last release, around Christmas time. This is fundamental to good spreadsheet management because it enables the discovery of spreadsheets (and other end user computing resources such as Access databases) automatically. Moreover, it doesn't just discover them when they are stored with a standard extension but also if they have no extension, are in zip files or even if they have been renamed as something else. This is important because spreadsheets are often used for fraudulent purposes. Typically, eDiscovery is run on a scheduled basis so that you can discover new spreadsheets that have been created.

The second element of eDiscovery is the calculation of risk associated with the discovered spreadsheets. This is done with two sets of metrics. One is technical: how large is the spreadsheet, how many formulae does it contain, how many links has it to other spreadsheets, how many hidden, very hidden (that is, hidden by program) and invisible cells does it have and so on? In other words, how complex is the spreadsheet and, therefore, how likely is it to contain errors? Secondly, there is the assessment of risk to the business. That is, how significant is this spreadsheet? Here, you define terms of importance that you want to look for, such as spreadsheets with the term ‘profit' in them or ‘earnings per share', or those containing credit card information or exceeding certain currency limits.

Once you know what spreadsheets you have got and assigned a risk score to each of them then, of course, you can prioritise the management of those spreadsheets that pose the most danger to the business.

Anyway, that was the company's previous release. In its latest release, version 5.3, the company has added a new executive dashboard, significantly enhanced role-based security (as an add-in to Excel so that you can restrict access, by role, to various capabilities right down to the macro or cell level), a much improved spreadsheet comparison capability, support for foreign languages, performance enhancements, new high availability functionality and new portal capabilities.

The portal developments are significant. You can, in fact, run with Prodiance's own portal or Microsoft SharePoint or a third party (for example, SAP) portal because everything is built using web parts (with drill-down). In particular, the portal includes workflow capability (with task lists for approval tracking in the development and publishing of new spreadsheets) and report publishing. In the latter case, reports can be generated in either HTML, XML or pdf formats, or you can use Microsoft SQL Reporting Services. These can be scheduled as required and delivered via email as necessary.

The new spreadsheet comparison capabilities are probably the best I have seen from any vendor. The graphical representation is clear and it supports comparisons both between versions of a spreadsheet and different spreadsheets. The view is colour coded with the option to turn off original colours that may be in the spreadsheets themselves. There is automatic row alignment, you can compare macros, statistics are automatically generated and, of course, there is automated recognition of formula, data, macro, text and anything else changes.

Prodiance has always been especially strong in its graphical and presentation capabilities and these have been enhanced in the latest release. Moreover, the company has also significantly extended and deepened its functionality, both in this release and its predecessor, re-confirming the company's place as one of the leaders in the spreadsheet management market.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Philip Howard (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Gerry Brown, Associate Analyst - BI and CRM, Bloor Research Posted: 9th July 2008 Copyright Bloor Research © 2008

A McKinsey survey recently found that boards spend around 11% of their meetings talking about performance management. Performance management is a board-level strategic issue to be sure. In my view "cross-company Performance Management" (PM) is more important to business success than "cross-company BI". However, I have struggled to find empirical evidence to back up my opinion. A German company is now delivering this proof.

Gerhard Jahn is the SONAX CIO and Controller. SONAX is number one in the car care products market in Germany and ranks among the top five in Europe. It is a medium-sized company with 450 staff which has experienced double-digit growth in many areas in recent years.

SONAX believes much of its success can be attributed to a performance management strategy that is executed using IBM Cognos 8. This system is used by one out of every two administrative employees. SONAX uses the IBM Cognos 8 BI platform to monitor its financial and sales operations in 80 countries and to guide management decision-makers across the organisation. 60 new applications have been developed on the IBM Cognos 8 BI platform in just the last 12 months.

In my technical paper "Delivering Performance Management solutions", I put forward the case that performance management is not just about software, but it extends to cultural changes as well. SONAX confirms this view and is living proof. SONAX uses Cognos Metrics Studio scorecarding to transform its company strategy into concrete and measurable indicators in such areas as customer satisfaction and product complaints.

"SONAX has developed a holistic approach to performance management based on sound business principles. Our data warehouse, our ERP system and IBM Cognos 8 are helping us to achieve our objectives. IBM Cognos 8 is preparing the way for the implementation of our corporate strategy," explains Jahn.

SONAX has five key scorecards, one for each of the two parent companies, SONAX and Hoffmann MINERAL, and three for SONAX's subsidiaries. IBM Cognos 8 data is available via an internal portal. When users log in, they first see their own personal index card and the index card activity.

SONAX has more than 10 years experience with balanced scorecards and, using IBM Cognos 8, SONAX can link different scorecards and combine them in a sequence. This helps SONAX to integrate all the company's decision-making units into a complete company-wide performance management cycle.

Cross-company performance management enables faster and better management decision-making as managers gain immediate access to a ‘single data version of the truth’. Universal data availability and data accuracy gives managers the assurance and confidence to make timely and high quality decisions. IBM Cognos 8 also increases transparency for employees, allowing them to understand how and why decisions were made. This transparency has a strong positive effect on staff motivation.

SONAX has been certified for the international quality standard ISO 9000 for many years. IBM Cognos 8 is the basis for a cross-company quality management system, says Jahn. The company uses siliceous Earth, a unique mixture of quartz and kaolin as a core component in their car care products. To protect the environment and help nature return to its original state, the company is reforesting the mining areas. The performance indicators developed in IBM Cognos 8 measure the effectiveness of the reforestation after mineral mining and ensure environmentally friendly production.

Product innovation is also very important at SONAX. The Research and Development department uses performance management to derive new formulations for car care products and to test the quality and reliability of new product recipes. "SONAX has developed a project management system that takes original product ideas through to pilot production," explains Jahn. Employees are at the heart of this innovation process. IBM Cognos 8 gives employees feedback about the results of product suggestions and details development plans over the medium term.

Alongside "hard" ROI metrics, SONAX is also focusing on "soft" factors—including improving the quality of management decision-making. Decision making is based on a balanced combination of all three human aspects—head, heart and gut feeling. Most importantly, however, management decisions are now underpinned with factual foundations provided by the performance management system.

IBM Cognos 8 is converting data into decision-making knowledge for SONAX. "IBM Cognos 8 is helping SONAX to make rapid decisions and switch between strategy, planning, controlling and reporting at the touch of a button. IBM Cognos 8 is our new key to success", states Gerhard Jahn "and we're happy about that".

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Gerry Brown (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 8th July 2008 Copyright Bloor Research © 2008

I have just received this press releas on Europenan e-Inclusion Awards 2008. I think this is an Award that as many organisations as possible should enter as an excellent way to raise the profile of e-Inclusion.

I will report on the results in December.

European e-Inclusion Awards 2008
The European Commission has just launched the first ever European e-Inclusion Awards. As part of the European Commission's e-Inclusion Initiative, the Awards will celebrate the best and most imaginative uses of Information and Communications Technology to reduce digital and social exclusion.
Digital technologies are an essential part of daily life. We use them at work, in day-to-day relationships, in dealing with public services, and a lot more besides. They touch our lives in ways which we are often unaware of, or don't even think about. Yet an estimated 1 in 3 Europeans fail to benefit from new technologies.

Overcoming this ‘digital exclusion' is not just a social necessity, it is estimated that it could be worth up to €85 billion to European companies and governments over the next five years. The European e-Inclusion Awards aim to inspire progress and to encourage industry, governments and other organisations to exploit information and communication technologies to combat social and digital exclusion.

The European e-Inclusion Awards are open to organisations in the public, business and voluntary sector or civil society. There are seven competition categories:

• Ageing Well
• Marginalised Young People
• Geographic Inclusion
• Cultural Diversity
• Digital Literacy
• e-Accessibility
• Inclusive Public Services

Entries will close on the 12th September 2008 and five finalists from each category will be invited to exhibit at the Ministerial Conference on E-Inclusion to be held in Vienna on 1 December 2008 as part of the "e-Inclusion: Be Part of It!" campaign (see http://ec.europa.eu/einclusion). The overall winners will be announced at the Awards dinner and ceremony.

For more information on the Awards or to register, visit the website www.e-inclusionawards.eu.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 7th July 2008 Copyright Bloor Research © 2008

Lotus Symphony is the office productivity suite embedded into Lotus Notes. Lotus Notes is a product that is bought in large numbers by many enterprises. This means that Symphony has the full engineering excellence—reliability, usability, support and maintenance—that we expect of any enterprise product, especially one from IBM.

The good news is that Lotus Symphony 1 is now available as an independent product that can be downloaded for free. This must make it an attractive option for anyone who needs a well engineered office product but does not want to pay a lot of money for it. Further because it is a brand new product and, as IBM has always been in the forefront of accessibility technology, you can be sure that it has been designed and tested with people with disabilities in mind.

Lotus Symphony 1 is a single product with three functions: Documents, Presentations and Spreadsheets. It supports the Open Document Formats (.odt, .odp, .ods etc) as well as Microsoft Office 2003 formats (e.g. .doc, .ppt and .xls). This first release is very much aimed at the casual and the task user and is not intended for users who are heavy users of macros or integration with existing products. The roadmap suggests that these power users will be supported during 2009. It is supported on Windows and Linux operating systems with Mac integrated support in 2009.

I have recently loaded up Symphony on my old XP machine and here are my early reactions:

• Download and installation was very straight forward.
• The initial screens are intuitive and easy to understand.
• The help is good because it starts with an introduction and common help topics. The second common help is about accessibility so a new user should become independent very quickly even if they have a disability.
• Two important short cut keys that I picked up immediately are ctrl + to get to the menus just like a standard windows program and shift+F6 which moves from the main edit area to the sidebar where I can do things like changing fonts. The important point is the accessibility information is easily accessible; this might seem obvious but it is certainly not true of all products I have looked at.
• When typing, auto-correct works very well but just as important is the addition of predictive text. This is really useful for me because 'accessibility' is a word I type a lot and very often misspell now I type 'acc' and the rest is done for me. This is a boon for me but a great accessibility tool for anyone who types slowly or with difficulty.
• Symphony includes an export to PDF function. It creates a reasonable pdf file including bookmarks for heading and alternate text for figures. It does not produce a pdf file that will reflow which is one of the requirements for accessibility; it would appear that there is scope for a plug in from a third party or an update in a subsequent release.
• On the web site there are a series of tours that really help people to understand the functions. These include closed captions for deaf users or people who do not want to use the sound on their machine. The only downside is that unless you left click on the tour you will not know it is there. A small description of the tours and how to use them would be useful.

Symphony is built with support for Iaccessible2 (IA2), the new interface for Assistive Technologies, and this means that it works with screen readers and screen magnifiers. IA2 has several extensions over the existing MSAA interface and so should provide a better user experience for screen reader users.

Given that Symphony is accessible, is well engineered, provides the functions that most people use and is free it seems an ideal product for a large proportion of users, especially anyone who is disabled and looking for an economic way of creating a full function home office.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 6th July 2008 Copyright Bloor Research © 2008

I have just been reading a blog 'Big organisation optimisation for small projects' from Bankervision. It raises some interesting questions about how accessibility needs to be integrated into small projects. You can read the whole blog but I will prescis it here so I can respond.

"My team and I are busy rolling out a new innovation... Yesterday... an email from one of our accessibility experts... had we done the mandatory testing... I'd not been aware of the mandatory requirement... I'd not budgeted for any such requirement... we will find a compromise...

However this situation brings something to the fore... The big project model requires lots of systems and processes... But the small project is one that can't afford much process... It is an endless flip-flop between not enough control and too much... But one thing is certain: process and controls are about controlling change, about slowing down responses so that things become predictable. They are never about moving fast."

I have some sympathy for James trying to run a project and being hit by some extra work late on but I completely disagree with his conclusion at the end. Process and control should be about moving a complete project ahead faster. They should be about two things:

• Getting things right first time so there is less rework later.
• Providing a framework for managing the project, thereby letting the project concentrate on the implementation and not having to think about how to manage and control the project.

The most important thing to 'get right' is to ensure that the project adheres to the policies of the business. For example any enterprise, especially a bank, will have business policies on security, privacy and business conduct, these are policies emanating from the CEO. The IT organisation will have developed IT policies to ensure any IT implementation adheres to and supports the business policies. It makes no difference if the project is big or small, nor if it is main stream or innovative, it has to adhere to and support the policies. The only way to make sure that happens right first time is for there to be process and controls for all projects.

You may have noticed that I did not mention accessibility policy in the last paragraph. I only did that to make a point. I do not believe that anyone would argue that security, privacy and business practice policies exist and need to be followed. I am sure that James's project took careful note of them and ensured compliance. The problem is that not everyone knows that the bank has an accessibility policy (I happen to know which bank James works for and I know it has such a policy). The policy is a business, not an IT, policy and basically says 'the Bank will make its services accessible to its customers and staff'. There are obviously IT processes and controls that support this business policy.

I am not sure why James got into this situation.

The first possibility is that he ignored all the process and controls related to projects in the Bank. In that case how can anyone be certain that there are not substantial security and privacy shortcomings in the system that is about to be delivered. Let alone concerns about performance, reliability, usability and fitness for purpose. I sincerely hope for his sake that this is not the case.

Another possibility is he did follow the relevant process and controls but that they did not include accessibility. If that is the case the processes need to be updated to include the necessary controls to ensure accessibility is baked in to all projects.

What is clear is that getting rid of the processes and controls is not the way to ensure that new systems comply with the policies of the business.

James is Head of Innovation and Research at the Bank I would recommend that he uses some of his effort to ensure that the policies of the bank are complied with using the minimum of effort.

Obviously this is a specific story with specific individuals but the same principles must apply to any organisation in any industry. Are you sure that your enterprise has got the right business policies and related processes and control in place?

I am posting my reply here but will also post it on the original blog.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 30th June 2008 Copyright Bloor Research © 2008

Microsoft has taken accessibility seriously for many years, working closely with Assistive Technology vendors, defining Microsoft Active Accessibility (MSAA) and, more recently, UI Automation, sitting on relevant standards organisations and being a founder of the Accessibility Interoperability Association (AIA).

Its commitment to ensuring that accessibility is baked into all products has recently been boosted by incorporating it into Microsoft's Trustworthy Computing Initiative. The initiative, as its name implies, started off concentrating on security. But it soon became apparent that the processes and methods needed to ensure security applied equally to a variety of other issues. I have known these issues for many years under the rather uninspiring title of non-functional requirements (NFR)—so named because they were requirements that did not relate to the specific functions a product delivered. These issues include security, privacy, reliability, usability, and maintainability.

The issues have many characteristics in common:

• They only become noticeable when they fail.
• It is difficult to effectively bolt them on to an existing product.
• The same requirement, and often solution, crosses multiple products.
• They require facilities in differently levels of the software stack, possibly from different vendors, to work seamlessly together.

Accessibility has all these characteristics and, like the other areas of Trustworthy Computing, requires engineering excellence to ensure that it works. Engineering excellence can only be guaranteed if there is support from the very top; marketing pressures can never be allowed to compromise quality.

Moving Microsoft's Accessibility Unit, with its existing director, into the Trustworthy Computing Organisation means that it has been recognised as an essential feature of any future product. It will now have the power to ensure that accessibility will be built into every phase of development: design, code, test, document, educate and roll out.

Even though Microsoft has had a long history of supporting accessibility it is true that many of its products still need to be improved. The new organisation should ensure that improvements are made even if changes will take time. It may not be possible to make all the changes in one tranche so it may require several product releases to make the product fully compatible. What it will mean is that accessibility failures will from now on be taken as seriously as security failures.

I think the new organisation will improve accessibility over the medium term.

Finally I think it should raise questions in the reader's mind "Where is accessibility in my organisation? Does it have sufficient gravitas and power to ensure accessibility in my products (for vendors) or systems (for corporations)?"

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 26th June 2008 Copyright Bloor Research © 2008

MindJet has just announced the fourth generation of mind-mapping technology. Each generation has added new functionality and widen the scope of use; as a by-product each generation has included extra support for people with disabilities.

The first generation was pen on paper with linear notes being replaced by ovals with text connected by lines with text. They were an excellent way for an individual to organise information and as a visual aide-memoire.

The second generation provided an editing tool for creating mind-maps on a PC. This solved the problem that first generation maps got very messy very quickly as more information was added or new links created. It also enabled the handling of bigger maps as whole branches could be closed down or opened up, or the viewer could zoom in or out. The improvement in the overall quality of the presentation, the ease of navigation and the ability to send electronically, meant that maps could be effectively shared. The mind-map moved from an aide-memoire to a communication media.

People with a variety of disabilities began to use mind-maps. People with limited or no use of their hands, who could not draw generation one maps, could now use the technique. People with dyslexia found mind-maps easier to understand and create than linear text, especially when they could include colours and images, so they began to use the technique as a communication media. People with limited vision who could see the overall structure of the map, found the electronic mind-map easier to navigate than linear text as they could pick up on the visual clues of colour, image and structure.

The third generation extended the electronic functionality by enabling connections between the map and other artefacts. For example a node on the map could be connected to all the documents, presentations, project plans, etc. related to the node. Any of the artefacts could then be opened from within the map. This moved maps from a communication media to an organisation method. Mind-maps became the first thing people opened in the morning as they could now organise their work around it. The better integration with other tools on the PC meant that speech recognition and text-to-speech technologies could be used with mind-maps hence increasing their usability by people disabilities.

The fourth generation moves mind-maps from an organisation method to a collaboration tool. With Mindjet Connect multiple users in multiple locations can work on the same map at the same time. The package includes instant messaging (IM) and voice over IP (VoIP) so participants can discuss and modify the map interactively. Users can also work on their own part of the map and the changes are immediately available to all the users. Users can view the map either by having Mindjet installed on their own machine or through a zero footprint browser solution. The browser solution makes it possible for ad-hoc users to be invited in to collaborate on the map.

Collaboration brings great benefits to users who find it difficult to travel. Many people with disabilities find travel difficult either because the travelling itself is a challenge or because specialised technologies such as large screens or speech recognition are not available at the destination. Collaboration systems make it easy for them to work from their own location and fully participate in the interactive collaboration. Mindjet Connect allows multiple users to work off the same map whilst each having their own view open; this means that a blind user can open up a text hierarchy view of the map whilst other users will have a pictorial view.

Mindjet has always been useful to people with disabilities but with this jump to interactive collaboration it is opening up opportunities for them to exploit their full potential in projects and the workplace.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Peter Abrahams, Practice Leader - Accessibility and Usability, Bloor Research Posted: 19th June 2008 Copyright Bloor Research © 2008

An Open Conference on the results from Phase 1 of Standards Mandate 376: Public Procurement of accessible ICT in Europe took place 3-4 June 2008 in Brussels. It brought together many of the great and the good in the accessibility world including vendors, consultants, public bodies, standards groups, trade bodies, academia, and me, from European and international organisations. The audience came to listen and comment on the final draft outputs from phase 1 and the intent of phase 2.
To understand the conference you need to know a little of the background. In December 2005 the EU Commission issued a mandate M/376 with the main objectives:

• To harmonise and facilitate the public procurement of accessible ICT products and services by identifying a set of functional European accessibility requirements.
• To provide a mechanism through which the public procurers have access to an electronic toolkit, enabling them to make use of these harmonised requirements in the procurement process.

The mandate is being carried out in two phases:

• Phase I - Inventory of European and international accessibility requirements and assessment of suitable testing and conformity schemes
• Phase II - Standardisation activities.

The intention of the Mandate is to provide a similar framework in Europe that section 508 provides in the USA. In fact as section 508 is being revised at present and the W3C Web Accessibility Initiative (WAI) is close to publishing version 2 of their guidelines (WCAG 2 and ATAG 2) there is a real hope and intent that these three initiatives will create an aligned and compatible set of requirements that can be used worldwide.

The conference reviewed the drafts of two documents produced for part 1.

The first "Human Factors (HF); European accessibility requirements for public procurement of products and services in the ICT domain (European Commission Mandate M 376, Phase 1) ETSI DTR 102 612 V 0.0.40 (2008-05-19)" , to quote its full name, can be found at http://portal.etsi.org/stfs/STF_HomePages/STF333/STF333.asp .

This Technical Report provides:

1. An inventory of ICT products and services that are usually bought by public procurers,
2. A listing of existing functional accessibility requirements in EU and EFTA Member States and internationally,
3. The identification of gaps where no accessibility requirements exist and suggestions for developing missing or additional requirements,
4. A list of existing national, European and international standards and technical specifications which might comply with functional accessibility requirements and
5. Proposes standardization work for the development of requirements and award criteria that still do not exist or that are not yet standardized.

All the requirement and standards are cross referenced .

The document runs to over 200 pages and is intended as a reference document for phase 2.

I also believe that it is an important document, in its own right, for anyone looking at accessibility, as it provides and excellent catalogue of relevant standards and specifications. In its electronic version it could be used for example to quickly find information about standards on 'captioning' or 'touch screens'.

The process of the mandate requires that this becomes a completed document so that there is a stable base for part 2 of the mandate. However, I believe that the information in this document should be turned into an on-line resource that could easily be accessed and easily explored. Further there is a need for this information to be continuously update as new requirements, standard and specification become available. This type of updating cannot wait for a formal revision of the document which might not happen for 3-5 years.

The second document: 'CEN/BT WG 185 Project Team Final Draft Report: European accessibility requirements for public procurement of products and services in the ICT domain (European Commission Mandate M 376, Phase 1)' can be found at http://www.econformance.eu/euconformancereport.html . The document is 'an analysis of conformity assessment schemes of products meeting accessibility requirements'.

The document addresses the issue of how a procurer can ensure that a product is and will be accessible, or more specifically that the product fulfils defined accessibility requirements (product in this document covers: hardware, software, services and processed material). It is just under a hundred pages.

It describes the conformity assessment process which is applicable to any assessment, not just accessibility. It has four stages:

• Selection: deciding what information needs to be collected.
• Determination: collecting the required information.
• Review and attestation: deciding if the requirements have been met.
• Surveillance: if required, reviews the continuing conformance over time.

It discusses:

• The various parties who can perform the assessments: first party: the vendor, second party: the procurer, third party: an independent body.
• The criteria types to be used during the assessment.
• Comparisons of a variety of existing assessment processes including: AENOR (from Spain), VPAT (from USA) and Segala (from Ireland) all of which have very different characteristics. The process of comparison will not doubt help inform the discussion during the second part of the mandate.

One specific area that came up in the discussions of this document was the pros and cons of first and third party attestations. Not surprisingly the vendors tended to prefer first party and the procurers tended to want third party.

The problem with first party is how much they can be trusted, vendors will tend not to say 'we do not conform'.

The problems with third party are that it will add cost but more importantly who will be accountable if the attestation is found to be false.

The other problem, particularly with accessibility, is that it can only really be assessed at the time of use not at the time of procurement; for example if a vendor provides an application package which then needs to be configured and modified the raw package may be deemed to be accessible but the delivered solution may not.

My feeling is that the standards need to provide a good way for vendors to attest and then this could be baked into the purchase contract. This would probably be based on the existing section 508 Voluntary Product Accessibility Template (VPAT); one change to the VPAT should be the removal of 'voluntary' from the title as it gives the wrong message to the procurer as it sounds as if the vendor can decide what information to include. If it is baked into the contract then it is no longer 'voluntary'.

I think there is more benefit of third party assessments of the final deliverable. A standards based international assessment process with independent reporting and complaints processes could be very valuable for the procuring organisations and their ultimate end-users. The RNIB See-it-right scheme and Segala's TrustMark are particular examples of the direction this should take.

The second stage of the mandate will be critically important . It has the possibility of creating a procurement process that will benefit all parties and advance access-for-all significantly. It also has the possibility of creating a bureaucratic nightmare that the vendors will refuse to cooperate with and will not benefit the procurers or the ultimate end-users.

It is therefore extremely important that all the relevant stakeholders actively participate in the next phase. If you are a vendor of an ICT product (hardware, software, services or processed material) then you should have a member of staff who follows and comments on the proceedings. This also goes for major procurers (particularly, but not exclusively, in the public sector) as well as activist for specific disability groups.

I will continue to write on this area so one way to keep informed is to subscribe to my RSS feed.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Peter Abrahams (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: David Norfolk, Practice Leader - Development, Bloor Research Posted: 16th June 2008 Copyright Bloor Research © 2008

I was at a FAST-sponsored CEO roundtable on Wednesday around Software Asset Management (SAM) - the previous FAST Roundtable in the series is written up here. An interesting discussion was had by all, including representatives from Microsoft anti-piracy, FAST, the BSA, several end-user customers and, of course, SAM vendors.

Now, I'm all in favour of asset management and, indeed, configuration management systems. Unless you know what IT assets you have and what (changing) state they are in, any IT governance you claim is built on sand. With good asset and configuration management, you can take business risks your less-well-governed competition can't afford to (because they can't identify, let alone manage the risk), you can use your resources more effectively - and you can eliminate the scourge of "shelfware" (all, potentially, quantifiable business benefits). Without it - well if you don't know what software is running on your computers, how can you claim any sort of IT security, with a straight face, for a start.

However, it became apparent fairly quickly that (outside of the roundtable participants) there's a very immature attitude to SAM around in the general community. For a start, most people probably don't do SAM (as part of the configuration management process and with identified business benefits) at all. They do "commercial licence management" with no benefit aside from compliance and avoidance of the civil penalties associated with non-compliance.

But commercial license management is purely a benefit to the vendors and "should" be (in my opinion) a service (an opportunity for SaaS, "Software as a Service") provided, at no cost to the customer, by the vendors.

This is something for businesses to think about as they contemplate buying licence management software and the hardware, databases etc it runs on. They should also think about any Open Source licences they've signed up for - assuming that they're aware of all the Open Source software assets used by the business. Open Source licences have teeth - and perhaps lawyers are beginning to see Open Source licensing as an opportunity (I certainly would). Are your Open Source licences managed? It's not just MS Office you have to worry about. You might like to read this this IT Analysis piece on the issues around supporting Open Source Software.

And, perhaps they might think about implementing a proper Configuration Management System (which is the basis for ITIL v3). As it happens :-) I'm involved in a joint BCS CMSG and itSMF conference in this area, "The CMDB and CMS - the Powerhouse Of Service Management", being held at Olympia on 8 & 9 July 2008). With luck, and good management (mostly good management), this will deliver real business benefit - and licence compliance will just "fall out" of the mix as an incidental benefit.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact David Norfolk (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Nigel Stanley, Practice Leader - IT Security, Bloor Research Posted: 6th June 2008 Copyright Bloor Research © 2008

Bloor Research has just released a Market Update covering Endpoint Data Protection. But what does this mean?

An endpoint is defined as any user device capable of storing electronic data and encompasses traditional PCs through to smart handheld devices, cell phones, memory sticks, CDs and DVDs.

Data protection is now a strategic imperative and the purchase of a solution will increasingly be influenced by business executives. Similarly it is the role of IT security to step up to the mark and support the safe and secure use of these business tools using a strategic approach. This is far more cost effective than tactical endpoint solutions that address the problem piecemeal.

The following technology areas comprise the endpoint protection domain:

• Hard disk encryption
• Removable storage encryption
• Internal and external PC port and device connection control
• External device control
• Multi-factor authentication products
• Mobile device encryption and control
• File type control

As organisations move from securing their basic IT systems through to managing their ever disappearing perimeters they will quickly realise that the threat of data loss from an insider is probably the biggest security risk they will face.

In the majority of instances this threat is from an incompetent/non-malicious source rather than a competent/malicious source. In other words the threat is due to accident rather than a deliberate criminal act.

Practically the steps that need to be taken to protect an organisation against endpoint data loss are the same whichever threat you are dealing with. What is important is that any technology that is implemented is part of a strategic approach that encompasses user education and policy enforcement. A specific problem that is dealt with by papering over the cracks will soon reveal its weaknesses.

Vendors are starting to look for new and innovative ways to protect data and, where necessary, will partner with or purchase another vendor to bolster their product portfolio. Potential customers need to be aware of this when reviewing products as vendor integration inevitably takes time.

A number of smaller vendors have very compelling point solutions that can be deployed quickly and easily. This is a very attractive way to solve a pressing business problem but care needs to be taken that the solution will fit an organisation's IT security strategy. Medium to long term, a quick tactical fix can end up causing significant problems to later strategic implementations.

Smaller vendors also need to be examined for their stability. Whilst a number offer what appears to be a good solution, their lack of infrastructure and geographical remoteness could be a matter of concern. Having multiple offices is no guarantee of vendor success, but it does give the majority of buyers a better feeling of confidence. Lack of references and public case studies should further concern potential purchasers.

Key management has, and continues to be, a problem for encryption vendors. With today's often transient workforce, key recovery has become a major headache for many organisations who appear, in many cases, to regret taking on system wide encryption in the first instance. Many vendors are looking for new ways of solving the encryption key problem but very few, if any, seem to have solved it to satisfactorily.

Some vendors are entering the endpoint protection market as a result of their skills in remote software management, auditing and deployment. Care needs to be taken with such vendors as they still need to demonstrate an understanding of the security issues rather than the administration issues alone.

The endpoint protection market is set to grow and develop in line with new threat vectors and technological improvements, and both vendors and customers need to monitor the domain regularly to ensure they are not left behind.

Vendors researched for the paper include; PGP, GuardianEdge, Credant Technologies, Checkpoint, Lumension Security, Vontu, McAfee, Utimaco, Symantec, BeCrypt, Microsoft, BigFix, Centennial, Entrust, GFI, DES, Safend, iAnywhere, Information Security Corp, Mobile Armor, TrueCrypt, WinMagic and DeKart.

The paper can be downloaded free of charge from www.BloorAnswers.com.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Nigel Stanley (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Rob Bamforth, Principal Analyst, Quocirca Posted: 4th June 2008 Copyright Quocirca © 2008

Almost half of UK organisations subsidise employees' personal calls made on company supplied mobile phones—either completely or only requiring a partial contribution from the employee—according to recent Quocirca research. With the average personal usage on company mobile phones estimated to be as much as a third of the total bill, why are companies letting this through? Is it intended as a perk for employees or are those in control of the purse strings just being casual with money they could add to the value of dividends paid out to shareholders?

It might seem like mean penny-pinching to some, but pennies saved quickly add into pounds, which might be important in harder economic times. Take a simple example, where an organisation has 3,000 mobile phones with an average airtime cost per user of £30 per month. The total annual expenditure would be £1,080,000. Using an average of around 30% for personal use (probably optimistically low), the total cost of this would be £324,000.

The values per person might be deemed to be low and, as such, many organisations may see this as a minimal or acceptable loss, but when equated to the entire mobile fleet this becomes a significant sum to be given away as an informal benefit. In most cases it is unlikely to be recognised as forming part of the employees' benefit packages.

This could be only the tip of the mobile personal usage iceberg, with many new elements contributing and becoming more appealing. For example, ‘personal content’ on the mobile phone such as premium text messaging (voting for reality TV shows), services that cannot be barred by the networks, the increase of personal text messaging (over two-thirds of company text messages are thought to be personal), then there is the possibility of making payments via the mobile phone.

In addition to the loss there is also a compliance issue, in particular relating to VAT, which cannot be reclaimed on personal calls. According to Quocirca's research, in many instances companies use a ‘finger in the air’ estimation, or leave it to the employee to work out a value to assign for personal use in order to satisfy HMRC requirements. The issue with this is that organisations have no or very few processes in place to actually audit their employees’ personal usage levels and, as such, could be under-declaring the VAT value and, in some instances, over valuing.

As organisations begin to deploy more and more mobile data applications this adds further complexities in understanding and in managing such expenditure. In one anecdotal example a company was stunned to receive a mobile data bill for one user in excess of £8,000. When investigated, it turned out the user had been streaming a live football match to their smartphone whilst away on holiday. The employee's response—"I thought we were allowed personal use of the mobile?"

There is a further issue most organisations do not even consider that could have greater repercussions from a HR perspective. If the company allows employees with business-supplied mobile phones to benefit from free personal calls then, in practice, they are excluding all other employees that have not been issued with one from receiving this benefit. This is an unwelcome potential headache that could lead to claims of unfair treatment from the many employees without them, or those expected to provide their own.

Overall, the need to make personal mobile use visible and to effectively manage that use is evident from the impact it might have on the bottom line. Brushing it under the carpet is no longer acceptable in times when companies should be prudently managing their costs, or at the very least understanding the true value of all the benefits they are providing their employees.

Some companies will dismiss the amounts involved as of little consequence, but their shareholders might like to ask if the business's decision to ignore personal calls is taken by default by being unaware of their true cost, or whether it is deliberate, based on the facts.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Rob Bamforth (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon

By: Clive Longbottom, Head of Research, Quocirca Posted: 3rd June 2008 Copyright Quocirca © 2008

I have recently returned from a trip to India, where I listened to a presentation by Dr. Ajay Mathur, Director General of the Bureau of Energy Efficiency in the Indian government. There had been a lot of coverage in the Indian press about how the US had been pointing fingers at India, stating that until India sorted itself out on energy usage, it was pointless the US doing anything.

When set against per capita primary energy usage, this seems a little wrong—the average primary energy usage in the US has gone from 343.0 million BTUs per person in 1980 to 340.5 million BTUs per person in 2005 (latest figures available). Meanwhile, in India, it has gone from 5.9 to 14.8 million BTUs per person in the same period - still less than one twentieth of the US.

I found Dr. Mathur's presentation interesting, in that it showed how seriously India is taking its role as its population is becoming more dependent on energy. India has looked at the rest of the world, and has learnt from many of the mistakes that have been made in the US and across Europe.

As an example, let's look at what the EU has done on domestic white goods. The EU Energy Labelling system gives a rating from G (least efficient) to A (most efficient) on white goods, with refrigeration now having two higher possible ratings of A+ and A++. And herein lies the rub—as goods do get more efficient, the EU labelling system cannot adequately reflect this, and new ratings above the A level have to be brought in to ensure differentiation between the raft of A rated goods.

India decided to take a different route—it uses a 5* system, where 1* is the least efficient and 5* the most efficient. However, the rules as to what makes a device 5* or 4* change every year. Therefore, a manufacturer wishing to bring to market a 5* device that will be on the market for 3 years will have to build the device to the 5* requirements for 2011—not 2008. Otherwise, the device could become a 4* in 2009 and a 3* in 2010 as the rules change.

This is reflected in the way that India is looking at its data centres as well. Work is ongoing in rating backup power systems, large air conditioning systems as well as servers, networking equipment and so on. Within a couple of years, it is hoped that Indian organisations will be able to rate their data centres to demonstrate their green credentials—and they will have to work hard to keep these current, as the requirements for a 5* data centre will be as dynamic as those for domestic goods.

Further, if you are a big organisation using large amounts of energy, you will become a "designated consumer" and will have to employ an energy auditor. This approach is based on an act of government passed in 2001 on the subject of energy conservation. The organisation will have to declare its usage, and it is then compared against a baseline of similar organisations in the same market. This leads to a rating of the organisation, from which the government will then set targets for the company to manage its power usage more efficiently. The organisation has to create a three-year plan to meet these targets and has to report on an annual basis against this plan. There is capability to fine those who fail to manage their energy usage efficiently, but this is only small amounts at the moment. However, the approach seems to have been embraced by the majority of large Indian organisations.

The impact of this approach on data centres in India is massive. The growth of the data centre market in Mumbai, Bangalore, Pune, Chennai and elsewhere underpins India's claim to being an emerging world technology force. Many early data centres were not particularly energy efficient, but newer facilities are state of the art, driven not only by the rise in power costs in India, but by the approach taken by the government.

Could this work in the West? In theory, Quocirca believes that it could, but in practice, the mentality of the private sector in the west does not position itself well for what would be seen as government interference. It would also take a strong political will to face down the interested parties—and this has not been apparent in the majority of western governments lately.

Further, many data centres in the West are not well suited for retrofitting more energy efficient approaches, and the cost of building new data centres purely for energy efficient purposes is not cost effective.

However, it will be difficult not to pay attention to what a country the size of India is doing.

While its population moves into greater utilisation of domestic white goods and becomes more dependent on electricity and oil in other areas, there will be massive growth in the headline usage of energy in the subcontinent.

However, this will hide the underlying move to being an efficient user of energy, and the impact that this could have on Western economies as this leads to energy cost savings backed up by highly efficient IT services from modern data centres and continuing relative low labour costs may lead to much greater movement of IT capabilities from the West to the East.

Useful Links:

• Post Comment | Read Comments
• Send Page Referral
• Contact Clive Longbottom (Private)
• Social Bookmarks: Delicious | Digg | Reddit | Facebook | StumbleUpon