
Wearable technology creates new privacy issues for employers

Wearable technology is creating new privacy headaches for employers, a leading law firm has warned.

Technologies such as Google Glass and smart watches are gradually making their way into the workplace.


But the intrusive nature of these devices, which could be used by employees to take clandestine photographs or videos, is ringing alarm bells among some employers, says lawyer Sue McLean at Morrison and Foerster.

“There are huge privacy and ethical implications around wearable technology,” she said in an interview with Computer Weekly.

She said wearable technology is likely to become more of a pressing issue for employers over the next few years as technologies such as Google Glass find new uses in the workplace and home.

The market for wearable technology is set to grow from $1.6 billion to $5 billion, according to research by Gartner.

But as its use becomes more widespread, employers will need to put policies in place governing how staff use the technology.

For example, if a person wearing Google Glass videos a meeting with other employees, that could be construed as bullying, says McLean.

Similarly, an employee in a disciplinary action could use a wearable device to surreptitiously record the meeting – and then go on to use the recording in legal proceedings.

“Companies have to be very clear on how and why employees use wearable technology, make sure they are clear what the rules are, and that they have taken adequate precautions to comply with privacy regulations and the law,” she says.

Research has shown, says McLean, that employees using wearable technology are more productive if they know they are being monitored.

However, the technology raises potential privacy and data protection concerns that will need to be addressed by employers and trade unions.

For example, it may be legitimate to ask a fire fighter to wear Google Glass, showing a floor plan, to help them navigate through a burning building. But there may not be a good case for issuing Google Glass to shop assistants.

“It may depend what the job is, and whether employees can require wearable technology from a health and safety point of view,” she says.

Companies may need to restrict or ban the use of wearable technology where employees have access to valuable intellectual property.

Organisations may choose to ban Google Glass from call centres, for example, where staff have access to customer records containing personal details about clients.

The technology could also raise new data protection issues, if companies use it to display sensitive data about their customers.


Virgin Atlantic, for example, has announced plans to issue staff at Heathrow airport Google Glass, to keep first class passengers up to date on flight information, weather and local events at their destination.

The devices, to be rolled out following a pilot earlier in the year, are able to alert staff to important passengers, by flashing their names, frequent flyer status and flight numbers on a mini-screen.

“Some of the information [in this type of application] could be classified as sensitive information. So if you are Jewish, and you chose Kosher food for your flight, that would show your religious affiliation,” she says.

Companies will need to make sure sensitive data is adequately secured, so it cannot accidentally be leaked, she says, or be exposed to hacking risks.

Similarly, employees using Google Glass to make video recordings will need to make sure that people in the video have consented to be filmed or recorded.

Experiences in the US have shown that so far, people have a tendency to over-react to new technology.

In January, Homeland Security agents removed a man from the cinema, and questioned him for several hours about potential copyright infringement, after he was spotted wearing Google Glass.

The man, who said he had only been wearing the Glass because it was fitted with his prescription lenses, was only able to prove his innocence when he persuaded officials to connect his Glass to a PC to examine its contents.

In another case, a woman was accused of distracted driving when she was found to be wearing Google Glass after being pulled over for speeding in the US. The charges were dropped because there was no evidence she had been distracted or had the device turned on.

Mobile phone cameras produced a similar reaction when they were first introduced, with many organisations responding by banning people with smartphones, said McLean.

“That has gone away now because organisations realise you can’t ban all mobile phones,” she says.



Growing call for anonymity online, says Cambridge researcher

While it is extremely difficult to be completely anonymous on the internet, new technology is making it possible to protect users' privacy far better, says a Cambridge researcher.

“The current default on the internet is no privacy, which makes it easy to track everyone all the time,” said Steven Murdoch, a Royal Society research fellow in the Cambridge University computer lab.


“But there is a growing community of users, from the military and law enforcement officers to journalists, human rights workers and political activists, which is turning to anonymous internet communication for good reasons,” he said.

Murdoch pointed out that strong internet privacy is also crucial to applications such as electronic voting and online healthcare.

The most widely used open system to provide anonymity on the internet is the Tor Project, originally developed by the US Navy to protect government communications.

It protects internet traffic via a series of computers selected from the volunteer-operated Tor network to disguise where the traffic is coming from and going to.

Tor users are also recommended to use a customised web browser, based on Firefox, which helps to prevent tracing based on web browser characteristics.

“In recent years, there have been dramatic changes in how anonymous communication systems have been built and how they have been used,” said Murdoch.

“This includes the web taking over from email as the major means of communications and users of anonymous communication systems prioritising censorship-resistance over privacy.”

According to Murdoch, commercial and political realities are also affecting how projects such as Tor are run and software is designed.

He believes anonymous communication systems will have to adapt to changing circumstances and try to prevent malicious use of internet anonymity tools.

“Law enforcement agencies already have a wide range of tools to detect and prevent internet crime and the vast majority of these will still work when anonymous communication tools are used,” he said.

Murdoch will speak on the topic of anonymous communications at AppSec Europe at Anglia Ruskin University, Cambridge, on 23-26 June.

The conference is organised by the Open Web Application Security Project (Owasp) Foundation, an open-source organisation with over 45,000 corporate, educational and individual participants.

Owasp is a not-for-profit group that helps organisations develop, purchase and maintain software applications that can be trusted.

The group runs annual AppSec conferences in North America, Latin America, Europe and Asia Pacific.

Justin Clarke, Owasp London Chapter leader and director at Gotham Digital Science, said: “The AppSec conferences have become the focus for the industry to hear from the world’s leading experts, harness expert knowledge and stay abreast of the latest technology developments.”

Some of the presentations will discuss the vulnerabilities highlighted in Owasp's recently compiled list of the top 10 methods of breaking into web applications.

These include SQL injection, used by hackers to target Vodafone Iceland; cross-site scripting (XSS), which left Microsoft Office 365 open to attack; open redirects, which present issues for Facebook; and insecure direct object references, which saw Yahoo's servers open to root access.



Oracle trumpets 25% cloud revenue growth in Q4

Oracle’s fourth-quarter 2014 results show 25% growth in cloud revenues to $322m and total annual revenue of $38.3bn, up 3% year-on-year.

The supplier reported its cloud revenue separately for the first time. It represents 3% of sales.

Oracle CEO Larry Ellison at Oracle OpenWorld 2012

Larry Ellison (pictured), Oracle’s CEO, talked up the company’s cloud revenue in a statement. “Oracle is now the second largest SaaS [software as a service] company in the world [behind Salesforce],” he said. “In IaaS [infrastructure as a service], we are larger and more profitable than Rackspace. We have by far the most complete portfolio of modern SaaS and PaaS [platform as a service] products in the industry: CRM: sales, service and marketing; HCM: HR, payroll and talent; ERP: accounting, procurement, supply chain. All these SaaS products run on the world’s most powerful PaaS: the Oracle in-memory multi-tenant database and Java.”

For the quarter, software and cloud revenues were up 4% to $8.9bn. GAAP (generally accepted accounting principles) cloud SaaS and PaaS revenues were up 25% to $322m, while non-GAAP SaaS and PaaS revenues were up 23% to $327m. Cloud IaaS revenues were up 13% to $128m.

New software licence revenues were unchanged at $3.8bn, while software licence updates and product support revenues were up 7% to $4.7bn.

Hardware systems revenues were up 2% to $1.5bn with hardware systems products up 2% to $870m and hardware systems support up 2% to $596m.

However, GAAP net income was down 4% to $3.6bn, and GAAP operating profit was down 2% to $4.9bn.

For the entire 2014 fiscal year, total revenues were up 3% at $38.3bn, while GAAP software and cloud revenues were up 5%. Cloud SaaS and PaaS revenues were up 23% to $1.1bn while cloud IaaS revenues were up $456m.

For the year, new software licence revenues were unchanged at $9.4bn, while software licence updates and product support revenues were up 6% to $18.2bn.

Total hardware system revenues were flat at $5.4bn.

GAAP operating income was up 1% to $14.8bn, and GAAP operating margin was 39%.

Oracle president and CFO Safra Catz said a transition to an ‘as a service’ model is necessarily softening software sales in the short run. “Our cloud subscription business is now approaching a run rate of $2bn a year,” she said. “As our business has transitioned, more software revenues are being recognised over the life of a subscription, rather than upfront.”

On the hardware front, Oracle president Mark Hurd said: “We have transformed Sun’s commodity hardware business into a profitable and growing engineered systems business. Our overall hardware business grew 2% in constant currency this year.”



Oracle set to boost retail business with $5bn Micros acquisition

Oracle is expected to acquire internet-enabled point-of-sale specialist Micros.

The $5bn acquisition is set to be Oracle's largest since its decade-long spending spree brought in Siebel, PeopleSoft and BEA.


Oracle's last major retail software acquisition was Retek in 2005.

The addition of Micros is set to boost the company's retail platform and increase Oracle's influence in the food, leisure and hospitality markets.

Oracle is an existing technology partner of Micros, which uses the Oracle stack and Oracle's Real Application Cluster technology to support scalability.

The challenge for Oracle is that Micros is a Microsoft Gold Partner and HP partner. The company's Simphony 2.0 hospitality management is built on Microsoft .Net Framework 3.5, Windows Presentation Foundation, and uses SQL Server 2008 Enterprise and Windows Embedded CE 6.0 R3 operating system.

Micros also has a technology partnership with HP. The company's website says: "The partnership has built a new, incremental business for both companies, currently worth approximately €10m annually to HP Ireland."

Micros' customers include Pizza Hut in the UK, Wagamama, TGI Friday, Aston Villa FC, the Ricoh Arena in Coventry and Marriott International in North America.



The role of IT in making digital transformation projects work

Digital transformation can be a nebulous term and, like cloud and big data, it can mean different things to different people. But what is a common factor around this topic is that more companies are embracing digital as an essential part of their overall business strategy for the future.

The likes of John Lewis have led the way in implementing large-scale digital programmes in the private sector, and similar moves are taking place across the public sector. From local government and non-profit organisation projects by the likes of Camden Council and the Student Loans Company through to central government initiatives by the Government Digital Service, bodies are rethinking how they use digital channels to interact with the public.


While IT will be at the heart of digital services, there is also a requirement for collaboration with other teams within the business that are customer-facing. Marketing and customer service professionals are already staking claims to leadership roles within digital transformation projects alongside IT.

However, digital transformation projects are not clean slates. While they aim to provide new ways to interact, digital programmes will often require access to information stored in existing IT silos. These data sources can go back decades. So how can organisations marry the best digital options for serving internal and external customers with these legacy IT assets?

At the heart of this is a need to think differently around digital, based on the right mix of people, tools, frameworks and experience around collaboration. It involves creating a mindset change around IT and the business from the beginning, including moving away from conventional approaches to IT operations and towards more agile methods.

Digital projects on their own have tended to be more iterative than traditional IT implementations. Part of this is historical: they have been focused on online services and websites to deliver information, where the service can be changed in response to market developments without huge additional expense. Taking a lead from agile, goals are ongoing, rather than fixed and immutable.

Contrast this with the big investments that, for example, a large ERP project would entail, both on hardware and software. Making changes in the middle of a project leads to scope creep, change requests and potentially large additional costs. The impact of cloud computing and open source has made this less of an issue, because the cost of implementing these technologies is much lower.

In many cases, both open source and agile will need to complement legacy IT for the foreseeable future. To build on legacy, there are approaches that can help make this work. Alongside technical integration around data formats and programming interfaces, there is also the management side – rather than large-scale projects that take months or years to see through, agile projects are delivered in sprints, usually lasting two weeks.

This difference in project length is one of the biggest challenges for “traditional” IT in its interaction with the business. The ability to provide rapid showcases to demonstrate project progress will become the norm. There are more digital natives in the workplace, and there is an increasing number of people in business management roles who are tech savvy. 

This has led to more of a “Twitter mentality” around IT, which demands faster and more visible project progress and updates. Alongside this, business opportunities move at a much faster pace in the digital world, so IT outputs must keep pace in order to remain competitive, as well as pacifying senior management and stakeholders.

Managing this mix of projects involves thinking hard about what is presented back to the business over time. By being able to manage the digital “front office” that is available for everyone to see and evaluate services, IT can improve its ability to collaborate with business teams. At the same time, this front office can help the business side to collaborate with IT by streamlining requirements management. This approach is essential to successful collaboration between business and technology stakeholders because it breaks down some of the walls that can exist within an organisation.

Another element of digital programmes is the willingness to experiment with new tools and approaches. The perception in many organisations is that IT projects are either successes or failures, with no middle ground. This breeds a risk-averse mindset. Consequently, organisations are losing the ability to make pivots around these new projects and experiments in the way start-ups do.

One approach to this problem is to look at how the interface with the business stakeholders can enable a degree of experimentation, without it representing a perceived “failure”. Managing these expectations on the business side can also free up IT to try out new avenues, reducing the risk of exploring solutions with low cost and flexible tech environments and tools. This is an important way to begin collaboration around agile projects with line-of-business teams, if this is not something IT does already.

Creating this degree of freedom can make IT more productive and more empowered to take risks. But, at the same time, there must be an awareness of how far that experimentation can go. This ability to make “go/no-go” decisions quickly is fundamental to the future success of digital projects.

For companies looking at digital transformation projects, there are a number of strands that have to be brought together to make their initiatives successful. Just as cloud computing led to CIOs having to flex new muscles around SLA management and integration across different platforms, so digital transformation will require the development of new skills and knowledge. 

This will typically include building a greater understanding around other business units and their requirements, looking at working in more agile and collaborative ways, and learning more about customer needs and behaviours. For CIOs that are willing to embrace a new way of working, digital transformation represents a great opportunity to have a big impact on the future direction of the organisation.

Gareth Eynon is digital director at CDG, a digital integrator that helps organisations to implement new strategies and technologies


This was first published in June 2014



Unilever puts SAP at the captain’s table

Unilever, the Anglo-Dutch consumer goods company, works hand in glove with SAP in “speeding up its growth”, according to senior executives at the two firms.

Unilever is one of 25 global customers with which SAP works on a “co-innovation” partnership basis, says Franck Cohen, president EMEA at SAP.


Unilever’s [now former] CIO Willem Eelman, who transitioned from the finance function to the chief information role he held for four years, says the company has been a “long-term customer of SAP, but it had been a fragmented presence [until recent years]”.

Eelman and Cohen were speaking together at a roundtable discussion during the supplier’s recent Sapphire conference in Orlando, Florida. Eelman is now reported to be seeking a new role that combines finance and technology.

Eelman says the fact that there is an embedded, global and end-to-end SAP team working within Unilever with his [former] team “has been a massive positive for us”.

He adds: “It has taken away the ambiguity of who we need to talk to at SAP. It is a massive simplification. Not every key supplier is doing this.”

Unilever has 174,000 employees, is active in 190 countries, and the constituent companies that came together to form the Anglo-Dutch venture in 1929 have histories stretching back to the 19th century. “Some 57% of revenues now come from developing and emerging markets,” says Eelman. “That sets us apart, and also, 60% of our IT organisation is in India.

“We have been a long-term customer of SAP, but I couldn’t tell you since when because we were a highly fragmented organisation. Only since the late 1980s and 1990s have we become first more regional, then more global.

“We have a massive supply chain and logistics business. We estimate that two billion consumers use our products on a daily basis. We have half a billion invoice lines to our customers on an annual basis, 400 million sales order lines, 100 million purchase order lines. We need extremely reliable business software for all that. An internal metric is 'composite uptime' of 99.89% and for that, SAP is critical.”

In recent years, Unilever has consolidated its enterprise IT into four landscapes: the Americas, Europe, large parts of Asia and Africa, and the Indian sub-continent.

“Cloud, mobility and digital are all big for us, and SAP is one key partner for those,” says Eelman.

As an example of mobility, he cites India, which has 2,500 Unilever distributors serving four million shops on a bi-weekly basis, with 65,000 individuals using Unilever-provided mobile systems to perform stock-taking and other tasks.

Eelman also confirms that Unilever is exploring the use of SAP’s in-memory database and platform Hana, and has been involved with the technology for seven years.

“Hasso’s vision was always about doing things that you could not do before, operationally, with the speed offered by Hana,” he says. “Initially, Hana went more into the business intelligence side, but we kept reminding SAP about the original idea of redesigning your core business processes.

“For example, we have Hana implemented in all four of our landscapes in an augmented mode so that it replicates the primary database [a combination of Oracle and IBM] for all our financial data. In near real time, we can run our P&L [profit and loss] and it has been a big component of Unilever being able to close its books at management level in one or two days. That’s not just accelerative, but transformational.”

Eelman confirms that Unilever is to investigate running Business Suite on Hana. “We have been careful up till now because size is so massive in our industry,” he says.

Describing the fundamental business case for the Unilever board to tolerate the level of disruption that moving one of the company’s ERP landscapes onto Hana would entail, Eelman says: “The reduced cost of running SAP is part of it. But the real value lies in better and faster information, the ability to redesign core business processes so that we can take stocks out of our supply chain, have even better order fulfilment, and so on.”

Cloud computing is another area Unilever is looking at. “But truly multi-tenanted, public cloud is quite a long way off for core ERP,” says Eelman. “It’s not like HR. For our core ERP, we need to know where our data is. I can’t go to a board [like Unilever’s] and say 'I don’t know where the data that runs our business is'.

“Unilever will go to public cloud where it makes sense and is doing that today with HR, and it is a big user of Amazon Web Services for marketing.”

Eelman adds: “My dream scenario is one where my SAP solutions are managed by experts and kept up to date all the time in a hosted environment, which is well managed and secure.”

Franck Cohen, who is on the SAP side of this long-term partnership, says it is one of a number of such partnerships. Ericsson, BMW, Mercedes, Nestlé and Danone have similar long-term relationships with SAP in which both parties endeavour to “co-innovate”, and where SAP has a seat at the captain’s table when a company is thrashing out its strategy.

“I believe most companies realise that to address new technology challenges and opportunities, such as cloud or big data, they need a strong partner,” says Cohen. “So they are more willing to do that in a co-innovative, partnership way because they do not have all the elements, and neither do we. We have the technology, but not the same understanding of their business issues. So they are willing to take a less tactical, more strategic approach, at least with some of their suppliers.

“If you ask [such large customers] if they think Hana will be a major part of their IT landscape, the vast majority say ‘yes’. They are not questioning the value of Hana, it is a question of timing. It is a matter of time.”



This was first published in June 2014



Lush cleans up on data with QlikView

Cosmetics retailer Lush has reduced stock wastage and made its shops more profitable through using QlikView business intelligence software.

It started to implement QlikView in 2010 at the same time it was bringing in a new stock management system to track waste, and upgrading its till system. Until then, much of its business processes, such as ordering and waste tracking, had been handled manually.


Scott Silverthorn, head of reporting and data services at Lush, says the company “selected QlikView Business Discovery as it’s a very easy system for all of our staff to use, even with varying levels of technical experience”.

Qlik, which was founded in Sweden, might seem a good cultural fit with Lush, which prides itself on its ethical credo, not using animals to test its soaps and cosmetics, and supporting environmental causes. Silverthorn says most Lush staff would not be aware of that, although he adds that QlikView gatherings do remind him of his own company’s events.

The hand-made cosmetics retailer has reduced its losses in stock wastage by more than £1m since it started using the business intelligence (BI) software in its UK business.

The company is now running a project to integrate the data from its continental European shops, says Silverthorn. “The way the business has grown is to work with partners in Europe, but we’ve reached the point where we are bringing those shops under our wing. And we realise that they are where Lush UK was [from a BI point of view] three to four years ago.”

Silverthorn describes Lush’s technology strategy as similarly organic in that the company tends to deploy “small systems that do something really well”, and then integrate them.

The company does not plan to extend QlikView to its operations in the US or Japan, he says. “The European shops are served by our manufacturing facility in the UK. In the US they have their own facility and [the shops] are run as a separate business. In Japan, they have been looking at Qlik, though.”

Poole-based Lush has some 900 stores in 51 countries and is a manufacturer as well as a retailer. It has a range of datasets, including retail data within EPOS systems, supply chain and stock management, payroll and timesheet systems. In 2010 it needed a technology platform that could be used by employees at every level throughout the business to provide access to relevant sales, stock, store and staff information. A CRM consultancy and BI provider Qgate, based close to Lush’s headquarters in Fareham, helped deploy the software, “and they are still our main point of contact with Qlik”, says Silverthorn.

Lush has QlikView Enterprise Server hosted by Memset. The in-house development team that owns the application comprises Silverthorn and three others.

The software is used everywhere at Lush. Silverthorn says: “Some shop managers have told us they have had their most profitable year ever because QlikView has brought together the data they need to manage their sales, their stock and their staffing. By pulling it together in one place for analysis, QlikView allows them to make the right decisions.

“Our colleagues are naturally very inquisitive people and giving them access to data means they can find ways to improve performance to do a better job.”


Silverthorn says staff in the shops are animated by a spirit of friendly competition, and QlikView is their window onto their commercial performance. 

“I personally live in QlikView,” he adds. “The reporting function is so natural and intuitive that it’s easy to share with your colleagues, so everyone gets the same experience. Our next goal will be to give our senior managers access to the technology, via tablets and mobile devices.”

He advises peers in other organisations to put the time and effort into training frontline staff in using the software. “To show it is not as scary as they might think. Sometimes they’ll say 'QlikView’s being a bit naughty today', but it’s always a network problem, not QlikView’s fault at all.

“People were nervous at first, and it took time to do the training tour, but the feedback was very positive. Everyone in a support role here is available to staff. If they have a reporting or design request they will send an email straight to me.”

He confirms that by combining QlikView with Lush’s stock value management systems, the company was able to make savings of more than £1m in the first two years of deployment. A peculiarity of Lush’s business is that the freshness of the products, and the fact that they are deliberately not packaged, for environmental reasons, makes for a “lot of waste”, so the company needs to keep as tight a rein as possible on its physical stock. It strives to order exactly what it needs to make the right amount of stock for the levels being sold and ensuring that no products go out of date.



Symbian ransom shows risk in internet of things

The news that Nokia was held to ransom over a digital certificate should raise alarm bells in organisations with aspirations to digitise their business.

MTV in Finland reported that in 2007 a blackmailer gained access to a Symbian encryption key used for signing Nokia certified applications. Nokia paid the blackmailer millions of pounds to prevent the key being released, according to the broadcaster.


If the key had been released, hackers would have been able to create Trojan Horse applications targeted at Symbian users.

Compromised digital certificates were also largely to blame for Stuxnet, which attacked industrial Scada control systems.

But many consumer-facing companies are driving digitisation across new product development. These products are likely to have large software components that rely on digital certificates to maintain integrity.

Modern consumer electronics such as smart TVs and games consoles offer consumers a way to keep the device up-to-date, with internet-distributed firmware updates.

As companies enhance their existing and new products with internet-connected systems, such updates will become increasingly common. Manufacturers may even choose to update them automatically without any user intervention.

A digital certificate is meant to provide a level of guarantee that the software being installed is from an authorised source. If the certificate can be compromised, a hacker could install any application on the target device.

Last year Hiroshi Shinotsuka from Symantec, which owns the Verisign certificate authority, discussed the challenges in keeping digital certificates safe. In a blog post, Shinotsuka recommended that developer teams protect private keys by setting up a software development network and completely segregating it from the internal company network. "Use different passwords for both networks. If malware compromises a computer on the company network, it cannot gain access to private keys," Shinotsuka wrote.

Shinotsuka also recommended that developers use test certificates until the software is ready to deploy and, rather than store certificates on a computer, put them on encrypted USB tokens and keep them in a safe.
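The device-side check behind these points can be sketched as follows. This is an added example, not code from the article, Nokia or Symantec: the `TrustedKey` layout, the `Verify` function, the key IDs and all keys and images are constructed for illustration. It shows a retail device refusing test-signed builds, and why verification alone cannot tell a vendor release from an image signed by anyone else who holds the production private key.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// TrustedKey is one trust-store entry; Production is false for test certificates.
type TrustedKey struct {
	Pub        ed25519.PublicKey
	Production bool
}

// Verify is the device-side check: nil only if a key trusted for this device type signed the image.
func Verify(store map[string]TrustedKey, retail bool, keyID string, image, sig []byte) error {
	k, ok := store[keyID]
	if !ok {
		return fmt.Errorf("unknown signing key %q", keyID)
	}
	if retail && !k.Production {
		return fmt.Errorf("test-signed build refused on retail device")
	}
	if !ed25519.Verify(k.Pub, image, sig) {
		return fmt.Errorf("signature does not match image")
	}
	return nil
}

// Demo runs constructed cases and reports which updates a device accepts.
func Demo() map[string]bool {
	prodPub, prodPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	testPub, testPriv, _ := ed25519.GenerateKey(nil)
	store := map[string]TrustedKey{"prod": {prodPub, true}, "test": {testPub, false}}
	release, nightly := []byte("firmware v2 (constructed)"), []byte("nightly build (constructed)")
	other := []byte("image not built by the vendor (constructed)")
	ok := func(retail bool, id string, img, sig []byte) bool {
		return Verify(store, retail, id, img, sig) == nil
	}
	return map[string]bool{
		"release on retail":      ok(true, "prod", release, ed25519.Sign(prodPriv, release)),
		"tampered on retail":     ok(true, "prod", other, ed25519.Sign(prodPriv, release)),
		"test build on retail":   ok(true, "test", nightly, ed25519.Sign(testPriv, nightly)),
		"test build on dev unit": ok(false, "test", nightly, ed25519.Sign(testPriv, nightly)),
		// Whoever holds the production private key is accepted: the device cannot tell.
		"prod-key holder on retail": ok(true, "prod", other, ed25519.Sign(prodPriv, other)),
	}
}

func main() { fmt.Println(Demo()) }
```

The last case is accepted by design, which is why the protection has to sit around the private key itself rather than in the verifier.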

According to analyst Gartner, businesses are increasingly looking at developing more digital services to remain competitive. However, traditional approaches to IT and business strategy are regarded as speed bumps slowing down the digitisation drive.

In May Michele Cantara, research vice president at Gartner, stated: "To deliver on the growth outcomes the C-suite expects, change agents in business and IT need to challenge long-held assumptions about management, organisational and technology best practices."

As such, there will be pressure coming from the business to release products much faster than a traditional approach dictates. Code quality will need to be kept high and keeping digital certificates secure and safe will become a priority.



Six suppliers shortlisted for NHS HR system replacement

Six suppliers have been shortlisted for the new NHS electronic staff record (ESR) project – the largest HR and payroll software implementation in the world.

IBM, CSC, Atos, Tata Consultancy Services, Steria and BT/Accenture are bidding for the contract, with the list due to be cut to three by the end of this month.


ESR is currently provided by McKesson, which won a £325m deal in 2001. The original contract expires on 31 August 2014, but McKesson is not bidding for its replacement after selling much of its UK healthcare business to private equity firm Symphony Technology Group earlier this month.

McKesson has agreed a contract extension to November 2015, with its successor due to be selected by 14 September, according to the NHS ESR website.

ESR covers more than 1.2 million NHS employees and is currently based on Oracle’s E-Business Suite software. According to McKesson, the system has delivered more than £200m of benefits to the NHS during the current contract.

The ESR replaced more than 30 different systems previously in use. It includes functions such as recruitment, talent management, absence management, self-service and core human resources capabilities.

