|
|
Considering setting up a joint venture to save on temporary staff recruitment costs? Don’t do anything before reading this, writes Ian Middleton, Business Director, Matrix.
Rising interest rates, soaring inflation and a cost-of-living crisis; growing external pressures have consumers and businesses alike tightening their purse strings in an effort to weather the economic storm that’s brewing. Finance bosses in councils across the country are no exception – many left scratching their heads as they search for opportunities to make cost savings where they can. Don’t get swept up by the headlines, there are cost savings to be had when it comes to temporary staff recruitment – but joint ventures aren’t the solution.
Back in October last year, York Council bosses were told to find cash savings as council finance manager Patrick Looker warned of “troublesome times” that should have everyone “worried”. He cited the use of agency staff in both children and adult social care as two of the biggest areas of overspend for the council, highlighting that the council “cannot afford to continue overspending at the rate we are in those particular service areas”.
If it’s not broken, don’t fix it
The problem is that this model doesn’t work for the long-term and before councils consider taking a similar approach, it’s worth looking at the bigger picture first. With a model like this, it might seem like a quick fix to save costs in the short-term but there’s a bigger scenario at play. Agencies will soon catch on to the fact that they are just being used as a recruitment tool for this model and will ultimately stop supplying workers. When that happens, the council will have to go off-contract and direct to agencies to fill the spots.
 Ian Middleton – Matrix An arrangement like this is heavily weighted to one side, those who want to take agency workers away from the agencies – after a certain period of time, those workers are then required to sign over to the new JV agency without having a say in the matter.
We’ve already seen it happen with other councils, who have ended up with massive amounts of off-contract spend, which isn’t strategic but ends up being the only way to get the workers to meet the demand for roles to fill. With the agency margin staying within the JV, it might look good on the profit sheet at the end of the financial year but if you look beyond that, what you’ll really see is that the council is being charged the same amount of money, negating the need for agency margin which effectively will be held as a surplus.
A fair, transparent approach to recruitment
Going direct to the agencies contradicts the neutral vendor model, making even harder work for the councils trying to recruit. The beauty of a neutral vendor model is that it widens the talent pool by creating a fair and transparent marketplace that builds competitive advantage and allows councils to recruit temporary agency workers for the right cost. What’s more, by competing with one another on an open and transparent field, prices more accurately reflect the true value of each candidate’s skills and expertise.
Moving away from a temporary staff recruitment model that was already working efficiently might at face value show profit in a good light – but it’s not actually saving any money. The end client (the council) will still be charged the same amount, the money will just be put in another place. The danger with this is the hidden costs that you can’t see.
You might be using the agencies as a resource in the short-term but after a period of time, you’re then taking the workers off them and bringing them onto your own contract. That won’t go down well with the agencies, who won’t want to supply through it, effectively wiping out the entire supply chain that connects employers with the staff they need.
So, before you consider taking a different ‘strategic’ approach to recruitment through a joint venture, think about the bigger picture. Think about the supply chain you’re about to wipe out, the ineffective route to market and the hidden costs that you don’t immediately see.
- MICHELIN Connected Fleet helps Marston Holdings to unlock 13.4% fuel efficiency improvements and cut engine idling by 14%
- Data from the on-board telematics system helps company maximise efficiency savings across its 1,400-strong car, van & truck fleet
Marston Holdings is reaping the benefits of MICHELIN Connected Fleet’s smart data and personalised performance analysis, pointing to a year-on-year reduction in fuel consumption of 13.4 per cent across its fleet.
The organisation relies on MICHELIN Connected Fleet across its 1,400-plus vehicles, which includes 650 vans, 350 cars, 300 scooters and around 150 trucks.
 MICHELIN Connected Fleet has helped Marston to unlock 13.4% in fuel efficiency improvements across its 1,400-strong car, van and truck fleet. Marston provides technology-driven solutions for more than 500 local authorities across the UK, as well as central government and private sector organisations, from design through to implementation.
Data collected and analysed by MICHELIN Connected Fleet’s team shows the company has reduced its fleet size by nine per cent during the last year through improved asset utilisation, whilst engine idling has dropped by 14 per cent and CO2 emissions have decreased by four per cent, contributing to a more sustainable business.
Lee Jackson, Marston’s Head of Fleet and Transport, says: “We’re using MICHELIN Connected Fleet to monitor the data from all our vehicles to make sure we get consistent information. It gives us absolute confidence in the data to assess, validate and verify our operations, directly supporting us to make decisions which help the business to become more sustainable.”
Under Marston’s ongoing EV transition programme, smart data gathered by MICHELIN Connected Fleet covering daily mileage, usage, range and terrain is also enabling the company to identify when it is advantageous to switch fossil fuel vehicles to fully electric, factoring in charging infrastructure, downtime, and range. As a direct result, Marston has been able to increase the size of its electric and hybrid fleet to 17% year-on-year.
MICHELIN Connected Fleet’s on-board telematics is also aiding the company’s risk management strategy, with detailed reporting used to modify driver behaviour and leading to fewer incidents of harsh accelerating and braking. These insights in turn help to reduce the likelihood of accidents, whilst also anticipating maintenance requirements to reduce unscheduled downtime.
Jackson adds: “MICHELIN Connected Fleet has been great, proving 100% reliable and giving us real-time insights about how the fleet is performing.”
Commenting on the personalised support from the MICHELIN Connected Fleet team, he adds: “They are forward-thinking and deliver on their promises, which is great. They really want to make a difference and properly understand our business model to assist us in the best way.”
 The on-board telematics system is giving Marston real-time insights about how its fleet is performing. MICHELIN Connected Fleet collects vital data through a range of on-board telematics systems to give fleet managers a real-time view, as well as a detailed report, of their goods and the assets making up their fleet. Those tools and services help to optimise fleet utilisation, which in turn reduces operating costs, whilst bolstering road safety by providing valuable feedback on driving behaviours.
Gilson Santiago, CEO of MICHELIN Connected Fleet, says: “This partnership highlights how we can use the power of our fleet management tools and services to help customers future-proof their operations, and make every single vehicle work more efficiently, and to become a more sustainable business.”
Marston Holdings began enforcing court orders almost 40 years ago. Its 5,000 staff and contractors work across 170 offices and 23 car pounds, helping to collect £850m a year on behalf of UK taxpayers and business.
 Environmental charity Hubbub has published its ‘In The Loop’ toolkit, an in-depth guide for local authorities on how to roll out successful recycling on-the-go campaigns and thereby increase recycling rates and reduce the amount of waste sent to landfill or incineration.
The toolkit, funded by environmental compliance scheme Ecosurety, brings together key learnings from #InTheLoop, the UK’s biggest collaborative approach to boost recycling on-the-go, which was first trialled in Leeds in 2018, followed by similar trials in Swansea, Edinburgh, Dublin, Wimbledon, Telford and Lambeth.
These areas tested a range of colourful and eye-catching bins to make it as easy as possible for people to recycle empty glass, plastic bottles, cans, and in some cases coffee cups. Across these pilots, over 500 bins were installed and over 2.5 million plastic and glass bottles and cans were collected and recycled.
The results and learnings from the trials have been compiled into this new toolkit to act as a blueprint for other local authorities, and the online resource is packed with information, tips and downloadable templates and assets. Key recommendations include:
- Bright bins: Make the bins colourful and bright, so they’re easily visible and stand out on busy streets.
- Be specific: Consider updating your bins with clear messaging. People are confused about what to put in the bin and ‘mixed recycling’ gets mixed results. People spend less than 2 seconds at a bin, so be concise and give clear instructions.
- Bins need buddies: Don’t leave a recycling bin by itself. Place recycling bins next to general waste bins or use dual bins. Otherwise, general waste will end up contaminating your recycling.
- Keep it positive and simple: Use positive, encouraging messages in your communications and avoid jargon. Repetition of these simple messages is key – we need to hear something 7 times on average before our behaviour changes.
- Build a partnership: Work with the local partners to increase the opportunities for people to see and hear about the new campaign, whether that’s through in-store posters, social media posts or in-person events to raise awareness of the waste issue and the how to use the new bins.
- Measure and make better: Measure what does and doesn’t work through on-the-ground observations, public surveys and waste composition analysis, and refine your approach accordingly.
The toolkit provides valuable and easy-to-implement advice to local authorities, for whom on-the-go waste continues to be a significant problem. It is estimated that 9 in 10 of us recycle at home compared to 4 in 10 who recycle on-the-go. In 2019 an estimated eight billion drinks containers failed to get recycled in the UK. At the same time, less than half of local authorities currently have on-street recycling systems, and 94% of the British public would like to see more recycling points in public places.
To help local authorities roll out public recycling points and boost out of home recycling, the publication of the toolkit is supported by additional funding made available by The Coca-Cola Foundation.
 New recycling bins in Brixton The #InTheLoop grant fund aims to build upon the successes and impact of the seven #InTheLoop campaigns, and Treasure Your River, the largest ever collaboration to reduce litter along five major UK rivers. The fund will support four new projects to introduce or improve their recycling points using the #InTheLoop toolkit in areas that include waterways, such as coastline, riverways, canals, docks or wetlands.
Grants of £25,0000 will be made available to each successful applicant. As well as the funding, Hubbub will provide ongoing support to successful applicants based on the charity’s expertise and experience in delivering recycling campaigns. The application deadline is at midnight 15 December 2022.
Gavin Ellis, co-founder of Hubbub, said: “Our new toolkit pulls together key insights from seven trials in a variety of UK locations that have taken place over the last four years. Our ambition is for #InTheLoop to become a recognised and effective approach to out of home recycling that can be replicated throughout the UK and beyond. We hope sharing our results and learnings openly will be useful to local authorities looking to improve their recycling services.
“We’re delighted that additional funding from The Coca Cola Foundation will help four local authorities to get started and put the toolkit into action to help boost recycling rates and reduce marine litter.”
Stephanie Housty, Marketing & Sustainability Manager at Ecosurety said: “Four years after we joined forces with Hubbub to launch the #LeedsByExample campaign, we are thrilled to close the loop with #IntheLoop by funding this toolkit. Packed with useful tips and assets, it aims to inspire more locations to start or improve their own on-the-go recycling infrastructure.”
For more information on the grant funding and to access the In The Loop toolkit, visit www.intheloop.org.uk or contact intheloop@hubbub.org.uk
Last year’s Budget set aside £2.1 billion for NHS IT, and the autumn statement confirmed the capital is still there, but it looks like most of the money is headed for Frontline Digitisation. The Highland Marketing advisory board considers how this pattern of putting money into health tech, taking it out again, shaking up the badging, and starting over impacts the market.
There was some anxiety ahead of the autumn statement about what Jeremy Hunt might have in store for health and care. In the event, the chancellor found a headline £3.3 billion for the NHS for the next two years, and £2.8 billion for social care next year, with another £4.7 billion the year after.
Perhaps as importantly, he didn’t axe some major capital projects. The money allocated to the New Hospital Programme, diagnostics, and IT in last year’s Budget is still there. However, that doesn’t mean the huge financial pressure on the NHS has been alleviated, or that there is lots of new, central funding for digital technology.
As Andy Kinnear, a former NHS CIO who works for Ethical Healthcare Consulting, told the Highland Marketing advisory board: “The autumn statement was better than expected, but only because expectations were in the cellar.
“The NHS is getting more money, but that is coming on the top of a decade of contraction. What it needs is investment. What it got is a settlement that takes us back to where we were and stops funding falling in real-terms for the next two-years.”
Budgets and priorities
Last year’s Budget identified £2.1 billion for the “innovative use of digital technology, so hospitals and other care organisations are as connected and efficient as possible.”
Allocation has been on hold, pending the autumn statement. Now it has taken place, the expectation is that most of this funding will go on the Frontline Digitisation programme, which will try to get all acute trusts up to a basic level of digital capability (level 5 on the HIMSS EMRAM maturity model, or an English version known as minimum digital foundations).
Neil Perry, director of digital transformation at Dartford and Gravesham NHS Trust, said: “I am hearing that Frontline Digitisation will be pretty much everything. There will be some money for technology in pots set aside for other NHS England priorities, such as diagnostic hubs, digital outpatients, and perhaps virtual wards. But that’s the priority.”
Tough times for innovators
This pattern of NHS IT funding being announced, then clawed back or at least delayed, only to be re-announced, often with a new badge on it, is not unusual. Neil Perry described it as the “digital funding hokey-cokey” and argued that it distorts the health tech market.
“Delay is ok for the big companies – the big EPR-vendors – because they can just wait it out,” he said. “The small companies – the innovators – are living on credit, so any delay can push them under, or make them vulnerable to being bought out.”
Radiology expert Rizwan Malik said he was very concerned about SMEs. “I really worry that what we did during Covid to change mindsets is being undone,” he said. “During the pandemic, we had all these small companies come in wanting to help the NHS, and we told them that if they could prove their ideas, we’d work with them.
“They set up pilot after pilot, and now we’re bringing down the shutters.” Entrepreneur Ravi Kumar agreed. “The current situation is causing a lot of disappointment among start-up companies,” he said. “They go to CIOs and find that they are being asked to take money out of operational areas, never mind innovation budgets, and they just don’t buy.”
What next for big tech?
However, even the big EPR vendors might not be all that happy. Soon after Tim Ferris came to the UK to head up the NHS England transformation directorate, there were reports that he’d suggested buying Epic for all trusts.
While this was never going to happen, Tim Ferris and his chief information officer, Simon Bolton, indicated that they wanted Frontline Digitisation to both level-up acute sector IT and “converge” the systems in use across hospital groups and, possibly, integrated care systems.
The market consensus was that this would suit the ‘megasuite’ or ‘single-supplier’ EPR vendors better than newer entrants with modular offers or data platforms to support ‘best of breed’ strategies. But now the rumour is that NHS England is rowing back, because of the costs involved.
Neil Perry mused: “I wonder what is in it for the big, US vendors. The implication was that there would be a good level of money going into levelling up, and now it’s clear that there won’t be as much as these companies were hoping, and trusts are being told there’s more than one way to HIMSS 5.”
The only certainty is uncertainty
To add to the uncertainty about funding and policy, there is a general election due in two years. This means Frontline Digitisation money is only confirmed until 2024-5. Yet big EPR contracts tend to run for a decade.
In these circumstances, it wouldn’t be surprising if some finance directors balk at signing up with a single supplier. Which might provide another boost to the modular or best of breed approach.
If it does, the NHS will need both smaller suppliers and in-house expertise to deliver their strategies over an extended period of time. But if SMEs are under pressure, trusts are being asked to make ‘efficiency savings’ that tend to fall on any departments not on the ‘frontline’.
And, as Ravi Kumar pointed out: “If trust people vanish, all the good work that was done during the pandemic to build NHS IT capacity will vanish. Even if you get the money to run projects, the ability to execute them will vanish.”
Be clear about where the money is coming from
Almost every observer of the NHS and social care argues that they need a more stable policy environment in which to operate, with cross-party agreement on what they should be looking to achieve for communities across the UK.
 This would make it easier for government to work with central and local organisations on long-term investment plans and for suppliers, including health tech companies, to draw up roadmaps that align with them. As James Norman, a former NHS CIO who now works as EMEA health and life sciences solutions director at Pure Storage, noted, the digital hokey-cokey has real consequences.
“The NHS is living in an environment in which it is constantly promised and then denied funding, to the point where organisations are reluctant to spend strategically when funding does arrive, for fear it will vanish again in future years.
“Confidence needs to be reinstated from the Department of Health and Social Care and NHS England, so that when a commitment to funding technology is made, integrated care systems and trusts can be confident they won’t get left with the bill a year or two down the line.
“Not doing that will just create more pressure in the system to focus on keeping the lights on; and take resources away from planning for the future and implementing those plans.”
However, with the Treasury on its third Budget in a year, the DHSC on its third or fourth secretary of state (with Steve Barclay doing the job twice), and NHS IT leaders bailing out of the merger of NHS England and NHS Digital, stability feels a long way off. If anything, it feels more likely that the digital funding hokey cokey will pick up speed. In this environment, the advisory board suggested, health tech vendors need to help potential customers by finding alternative sources of funding, such as research, or making use of the data in IT systems.
Or they need to find partners that can deliver change across care pathways and release genuine efficiency savings that can be reinvested despite the turmoil that surrounds them.
Darkest hour before the dawn?
On the last point, Andy Kinnear argued that if there is any upside to the current situation, it is that things are so bad that change is an absolute necessity.
“Perhaps services have to feel the pinch to make them work together and do things in a different way,” he said, suggesting that shared support organisations, infrastructure, and implementing the kind of self-serve technology that is common in retail and banking might be good places to start.
“The downside,” he continued, “is that if the financial pinch squeezes any harder it could start impacting on things that are mission critical. So, I’m torn between seeing positives for the long-term and negatives for this winter. And the big question is how we get from one to the other without putting lives at risk.”
 Sascha Giese By Sascha Giese, SolarWinds Head Geek™
When protecting computer systems and networks, the “biggest cyber risk is complacency, not hackers.” That’s according to John Edwards, the UK’s Information Commissioner who warned that companies are leaving themselves open to cyberattacks by ignoring crucial measures such as updating software and training staff.
The warning comes as the Information Commissioner’s Office (ICO) issued a fine of £4.4m fine to a Berkshire-based construction firm for failing to keep personal information about its staff secure.
Although Edward’s comments were addressed at businesses, he may have just as well speaking to the public sector.
Recent high-profile incidents concerning the use of private communications within the government underline, yet again, the difficulties public sector IT staff face daily in keeping the nation’s data safe and secure.
That’s why cybersecurity is a growing concern that will continue to dominate the workload of IT professionals, as highlighted by seventh Public Sector Cybersecurity Survey Report.
But it’s not the only issue to dominate the ‘to-do’ list of IT professionals working in the public sector. As they look ahead to 2023, the ongoing reliance on legacy systems is a constant brake on progress and a drain on resources.
The ongoing drag caused by legacy systems
It was a point highlighted in an independent government report published in July 2021 —Organising for digital delivery — which touched upon the extent to which out-of-date “legacy systems” are still being used even though they are often built on obsolete technical platforms or still using programming languages that are no longer widely supported.
Its analysis found: “[A]lmost 50% of current Government IT spend (£2.3 billion out of a total central Government spend of £4.7 billion in 2019) is dedicated to ‘keeping the lights on’ activity on outdated legacy systems, with an estimated £13-22 billion risk over the coming five years.”
This level of expenditure is simply unsustainable. But while much of the talk about legacy systems pivots around cost and the fact they were not designed for today’s data-demanding world, this ageing technology is also at the root of other problems, such as recruitment shortfalls.
Although the government is constantly looking to attract new talent, today’s graduates are unlikely to want to work on increasingly redundant systems. Or, to put it another way, the public sector lacks the innovation many younger people require as part of a fulfilling career. Add in the salary gap between the public and private sectors, and there is little wonder that government agencies struggle to fill positions.
Privately, some people have suggested the recent high-profile job losses at some of the biggest tech employers could be a fillip for public sector recruitment for those looking for job security during economic uncertainty and job insecurity.
Recruiting IT talent for the future
If true, it’s only likely to be short-lived. And it certainly doesn’t address the underlying issues that the public sector needs to resolve if it is to plug the skills gap.
Of course, while some things are beyond the control of IT managers, some areas could be addressed. And that includes addressing the ever-growing IT complexity within the public sector.
The SolarWinds IT Trends Report published in 2022 found that the acceleration of hybrid IT has increased network complexity for most organisations. Acknowledging this and taking steps to mitigate the pain points would be a good start.
So too, would addressing systemic issues — such as helping to promote communication not just within IT teams but between IT teams. People often talk about siloed systems, but this also includes teams and the reluctance to break down the walls of their own departments.
And yet, by implementing a unified platform, departments not only have the opportunity to bring data together to provide visibility across the board, it also helps to bring people together. And if that means helping to remove a culture of finger-pointing then so much the better.
Such a shift would also help to rationalise the number of tools being used, reducing the amount of money spent on unnecessary software licences and the time spent carrying out tasks across multiple platforms.
Of course, there’s nothing new in any of these observations. Issues around security, legacy systems, and recruitment are never off the agenda. Highlighting them, however, does ensure they remain a constant reminder of the challenges ahead — and what needs to be done.
 IGEL, provider of the managed endpoint operating system for secure access to any digital workspace, recently announced that it is a major technology partner supporting the annual Crisis for Christmas campaign to help the homeless – the 12th year it has helped the charity.
Since 1967, Crisis has supported the most disadvantaged in society at Christmas, helping to get rough sleepers off the streets at a time when the nation is celebrating the festive period with friends and family.
According to Crisis’ research, 200,000 households are homeless in Britain today – not dissimilar to the number who visit the Glastonbury Festival each year – with rough sleeping expected to rise 76% in the next decade unless the government finally takes firm action to tackle it.
At Christmas, Crisis sets up residential and day care centres and offers various services – everything from medical, dental, financial, counselling along with social and sports activities. It also feeds people: over 31,000 meals are cooked using more than 200 tons of food.
The Aimar Foundation, a charity founded in 2005 with a mandate to help other not-for-profit organisations with their IT, has been Crisis’ primary technology partner for the past 15 years. IGEL supports the Aimar Foundation with technology therefore playing a vital role delivering the project.
COVID-19 forced a radical change in how Christmas services are delivered
In 2020, the Coronavirus pandemic drove a complete rethink about how the whole Christmas project is run, with the same approach to IT to be taken this year.
Chris Riley, the Aimar Foundation’s CTO and project director, explains, “COVID-19 prompted a thorough review and re-engineering of the whole IT environment. A range of new technical innovations were introduced, not only to guarantee a practical way for guests to actually contact Crisis for help, but to enable team collaboration and remote working. This was important to ensure help could still be provided in the event that one worker got sick and the whole shift then had to self-isolate.”
A unified communications and cloud strategy has been implemented using various components:
- In the past, hundreds of IGEL OS powered endpoints connecting to Citrix virtual desktop infrastructure (VDI) were installed in temporary Internet Cafes – quickly set up for the Christmas appeal. Guests could then access a hosted desktop running Microsoft Office to surf the web, send emails and communicate with loved ones, with Crisis’ operational staff also using the same equipment. After a hiatus because of Covid lockdowns, the Internet Cafes were again set up this year at the various Crisis centres.
However, the Aimar Foundation has decided to migrate away from VDI given the price per desktop had increased year on year.
Simon Clark, the Aimar Foundation’s CEO and part of Microsoft UK’s customer success unit, says, “We could scale the solution easily, but the costs would have increased, too. We’ve taken a different approach; rather than having a desktop in the cloud, we’ve shifted to apps and data to the cloud and migrated to Office 365 and Teams for volunteers.
2. For Crisis staff, IGEL has again loaned its powerful UD7 endpoints which enable client apps for both Office 365 and Zoom to be run natively on each device taking advantage of the latest AMD Ryzen processor and 8GB of RAM. Put another way, the multimedia ready IGEL UD7 endpoints allow direct access to the Internet without the need for the additional cost of connecting to a VDI environment. This is a huge benefit for the Crisis volunteers. Teams means staff can collaborate and work together through the one platform whereas before it meant communication through email or numerous mobile phone calls.
In addition, all Internet Cafes this year used pre-owned Lenovo mini-PCs, repurposed to run IGEL OS. They were supplied by Tier 1 Asset Management – a company that specialises in the ethical refurbishment of technology assets which supports the Aimar Foundation’s focus on sustainability.
- For Crisis volunteers, a software-based VoIP platform from 3CX hosted by Gradwell Communications is being used, too. 3CX is a virtual PBX able to handle the call volumes between volunteers – avoiding the need for them to make expensive mobile phone calls.
The cloud delivers total flexibility for backend infrastructure
The Aimar Foundation has shifted the back-end infrastructure to Microsoft Office 365 and Azure with three separate tenants set up: one for the Christmas campaign only; the second for Crisis to use all year round for operational purposes; and a third dedicated to the Aimar Foundation itself. This is so that it can run its own applications, monitoring and management tools, completely segregated from data and applications hosted on the Crisis tenants.
Riley says, “An IGEL UMS server runs on the aimarfoundation.org tenant which sits behind cloud VPNs to ensure maximum security. This is a major benefit – the ability to use UMS in Azure to deploy a site from scratch in literally 3 or 4 hours with no requirement for a local server.”
Crisis has also updated its primary operational application – C-Log – which underpins the Christmas campaign and records all advisor interactions with guests. This has been migrated from Microsoft Access to Microsoft Dynamics 365 and has been integrated with the 3CX phone system.
Clark adds, “Each year, we always try to bring new innovation. We built a PowerApp to manage the whole logistics process. So, if one location wants black trousers in XL, this is ordered and delivered. It’s integrated with Teams and a big improvement compared to the old paper-based process such that we estimate a huge 60% time saving on order processing.”
In terms of printing, this has always been a challenge for the Aimar Foundation in terms of sourcing equipment at short notice, with practical problems then having to be solved such as whether the machines have a network card and the right drivers installed. To address this, the Aimar Foundation invested in buying its own MFPs over ten years ago which have recently been updated.
Riley explains, “Sponsorship by Konica Minolta – who kindly loaned us 33 Bizhub C3531 and C3831 machines – has introduced colour printing, with a hosted, Azure-based print solution from PaperCut now used, too. This allows guests and volunteers at all locations to send emails and/or attachments for easy printing as well as scanning directly from the printers to their email addresses.”
Moving forward, the Aimar Foundation will be look at how it can capitalise on the power and features of IGEL OS to re-purpose other hardware to be more sustainable and ‘green’.
Ian Richards, Head of Crisis for Christmas, says, “The logistical challenges are massive so the shift to the cloud really helps us: it’s an ideal technology approach given we set up services for a short period of time over Christmas and then turn them off in the New Year. Without the IT support we get from all our partners, particularly the Aimar Foundation and IGEL, we just wouldn’t be able to deliver the project like we do.”
Watch a 5 minute film about the Crisis project:
youtu.be/QFbmlmxGdi8
To donate to the Crisis at Christmas campaign, see below.
www.crisis.org.uk/get-involved/donate-to-crisis-at-christmas/
 By Sascha Giese, Head Geek™ at SolarWinds
With citizens looking for convenience wherever they can—from responsive mobile apps to joined-up services—public sector organisations are under increasing pressure to develop and deliver the IT solutions needed to facilitate such services.
It was something laid out in June when the U.K. Government published its 2022 – 2025 Roadmap for Digital and Data.
In it, ministers set out their ambitions to “transform digital public services, deliver world-class digital technology and systems, and attract and retain the best in digital talent.”
It also spoke about the need to “drive value for money to the taxpayer, by transforming our ways of working to enable the civil service to work smarter and faster and deliver on our ambitions for widespread digital transformation.”
Demand for digital government services is growing
But there was also an admission that, as set out in a report by the National Audit Office in 2021, prior attempts at public sector digital transformation have had “mixed success.”
“Previous strategies have lacked specificity, cross-government endorsement, clear lines of accountability, and business ownership. Subsequently, former flagship programmes have slowly shut down and failed to deliver results,” it said.
While this may be true, the reality for many front-line public sector IT teams is somewhat different. In many cases, they have to deal with siloed legacy systems, some of which are built around 30-year-old supercomputers.
I’m not the first to point this out—nor will I be the last—but the truth is these systems are often ill-equipped to meet the needs of people and government today.
In many cases, the challenge for public sector IT teams is how to stitch together legacy technology with modern solutions to deliver the kinds of interactive experiences people expect. But it’s not so simple.
Complexity is acting as a handbrake on progress
A report published by SolarWinds, Getting IT Right: Managing Hybrid IT Complexity
2022, found four in 10 (38%) enterprise tech pros found the fragmentation between legacy technologies and new technologies was the number one cause of increased complexity within their operation.
When asked about how confident they were this IT complexity could be managed, only 16% said they felt extremely confident, with a third (34%) admitting they “weren’t fully equipped” to manage such complexity.
Sascha Giese In a nod to the rapid progress made in the last couple of years, the report pointed out in many cases, the response to the pandemic had accelerated the pace of digital transformation across the world. Instead of migrating to the cloud as part of a phased rollout, the report observed it “happened overnight, as workers everywhere went remote and were no longer within the office’s four walls.”
But while this response helped keep businesses and public sector organisations running, it added more levels of complexity on top of already complex systems.
Training, preparation, and investment are key to successful delivery
In highlighting a key conclusion, the report points out: “IT professionals have a concerning lack of confidence in their ability to manage today’s hybrid IT environments. And more worrisome, most IT pros believe return on investment (ROI) has been impacted due to increasing IT complexity.
“Successful digital transformation is only within reach of every organisation with the right amount of training, preparation, and investment,” it said.
And yet, there’s clearly an appetite for change. In a separate report—SolarWinds Public Sector Cybersecurity Survey Report—200 public sector decision-makers and influencers in the U.S. were asked about the challenges faced by public sector IT professionals.
When pressed on investment priorities, 60% said replacing legacy applications and migrating systems to the cloud was a “high priority.”
Of course, calls for change come at a time when tax-funded budgets are under tight scrutiny and increasing inflationary pressure. Exactly how such limited budgets are juggled when nations face increasing demands on the public purse remains to be seen.
What’s clear, though, is the demand for digital public services is growing not only from citizens but also from government.
 By Sascha Giese, Head Geek™ at SolarWinds
When it comes to IT, much is made of the differences between public and private sector projects. People are quick to point out the world’s most successful go-getting companies use technology to gain a competitive advantage, while the public sector is motivated by the delivery of services to citizens.
Of course, one area common to both the public and private sectors is security. At first glance, it appears bad actors don’t differentiate between dot coms and dot govs. Whether it’s people’s credit card details that are stolen—or the private medical records of patients that are filched—both suffer at the hands of those intent on doing harm.
And yet, scratch away at the surface, and it becomes clear while both may experience the same fate, the motivation behind such attacks can help to influence the way organisations protect themselves.
This is particularly true of government agencies, for example, since they’re increasingly at risk from state-sponsored attacks.
The risk from state-sponsored attacks is real
If governments are to defend themselves against such well-funded and resourced attacks, then they need to implement increasingly sophisticated cybersecurity strategies. This includes not only understanding the threat levels but who’s behind them and what motivates them.
In other words, governments need to get tougher and smarter.
And the first thing they need to understand is that the push for increasingly convenient digital services—prompted by the ease of everyday digital services from online banking to hailing a cab—is opening a new front in the cyberwar.
As governments seek to upgrade their services to meet the needs of the ‘smartphone generation’, the disconnect between cutting-edge front-end and legacy back-end systems becomes ever more apparent.
While the private sector’s approach to such a problem might be to ‘rip it out’ and start afresh, governments—concerned about tax revenues, budgetary demands, and looming elections—tend to adopt a more cautious approach.
This means many public sector IT teams are left to stitch together the old and the new. But it’s complex. It’s challenging. And it has the potential to leave security gaps which can be exploited.
Beefing up cyber defences
That said, all these problems can be addressed. For instance, the simplest way to help IT professionals protect public sector IT infrastructure is to involve security experts much earlier in the project planning process.
Bringing in security professionals from the start allows time to research, study, and understand the risks surrounding the introduction of new technology. Only by understanding these risks upfront can you ever hope to prevent them from happening in the first place.
This approach also applies to organisations that have decided to bite the bullet and invest in new technology. The lessons they can learn from the private sector could prove invaluable, especially when dealing with taxpayers’ money.
Crucially, by adopting such an approach, public sector organisations can better understand the security risks and plan accordingly.
After all, when it comes to IT, there’s no such thing as 100% security—which is why it’s far better to focus on prevention and mitigation instead of striving for total cybersecurity protection.
Having total visibility of defences and attempted breaches is vital
The key is to improve visibility across siloed departmental systems along with improved communication between IT teams. All too often, organisations build teams in isolation based on their respective areas of expertise, which can result in a lack of communication and visibility across different departments.
Breaking down departmental siloes and barriers would give IT teams an unprecedented view of an entire government’s IT environment—not merely their department—allowing them to identify issues more easily.
Of course, any increase in visibility could potentially lead to IT staff becoming overwhelmed with excess information and security alerts. However, the integration of artificial intelligence (AI) as part of a more sophisticated monitoring system could see AI becoming an increasingly valuable tool in the armoury.
As I said at the start, much is made of the differences between public and private sector projects. And yet there is much the public sector can learn from the experiences of private sector organisations.
By breaking down inter-departmental barriers and improving visibility, governments can do what’s in the best interest of their citizens—keep public services cyber-secure and personal information safe.
Sascha Giese, Head Geek™ at SolarWinds By Sascha Giese, Head Geek™ at SolarWinds
Trust underpins the foundations of modern and legitimate democracies. From civil safety and national security to upholding the rule of law, trust is vital if we’re to function as a society.
Get it right, and public trust can become the cornerstone of a working contract between citizens and government. Get it wrong, and the erosion of public trust can undermine a government’s ability to implement and carry out policy.
And when it comes to digital transformation within the public sector, nothing is more important than trust and security.
It’s an issue discussed at length in an independent report—Addressing trust in public sector data use—published by the Centre for Data Ethics and Innovation (CDEI) in 2020.
Although it’s a couple of years old, its findings have helped to shape opinion and crystalise thinking on these important issues.
Data privacy and systems security underpin trust
For instance, according to the report, “The sharing of personal data must be conducted in a way that is trustworthy, aligned with society’s values and people’s expectations. Public consent is crucial to the long-term sustainability of data-sharing activity.”
In other words, people have to be confident their personal information is being given the same protection as, for example, a bank might provide in storing people’s money and savings.
Elsewhere, the report recognises the importance of security when dealing with people’s personal details.
“Sharing sensitive data requires high levels of security, which are hard to meet when data is often managed in legacy systems,” it said. “It is particularly challenging when sharing across organisational boundaries, where each side may have different requirements for the security of their data and no shared infrastructure.”
Fast forward two years and the sage words of the 2020 report are once again brought into sharp focus following August’s cyberattack on the NHS. The breach—which disabled key digital services—is yet another timely reminder about the importance of data privacy and security.
Security breaches chip away at public trust
In the immediate aftermath of the attack, IT teams were focused on their response to the incident as they sought to restore systems and shore up defences. However, for those charged with pursuing the broader policy around public sector digital transformation, the attack likely raised concerns about the potential long-term damage to public confidence.
After all, IT systems aren’t bulletproof. There’s no such thing as 100% security. It simply doesn’t exist. So, while the best security systems, processes, and protocols may be put in place, it’s also essential to have reactive procedures in place should the unthinkable ever happen.
After all, what governments need to keep uppermost in their minds is the information they’re dealing with isn’t theirs—it belongs to citizens. If someone steals my credit card details, I can always block the card. And if bad actors have used it to buy some personal electronics or clothes, I’d like to think my bank would refund the money. But if my personal details are stolen due to a security breach at the tax office, the government isn’t going to refund my identity.
When it comes to responding to an attack, the advice couldn’t be clearer. Organisations need to be open and transparent.
Maintaining trust is key to responding to cyberbreaches
This is something about which I can speak from personal experience following the much-publicised security breach which involved SolarWinds. Not only did we follow this policy of openness, but we’re also using this experience to shape the way we run our business.
Today, if there’s the merest hint of a security issue, we use such events to train our people within our organisation, so they know how best to respond to an incident. By doing so, we can optimise our responses and rehearse protocols—such as who to reach out to—regardless if it turns out to be a false alarm.
But there’s still more to be done. And this includes closer cooperation between the private and public sectors.
On matters concerning security, the information flow is expected to come from private companies to the government. However, at SolarWinds, we believe this should be a two-way street—data sharing about such attacks should also flow from the government to private enterprises.
If this can be achieved, I’m convinced it can go a long way in helping to build trust and mitigate threats. After all, it’s only by learning the lessons of past attacks and implementing new protocols that we can hope to keep IT systems secure, protect people’s data, and maintain trust.
Tom Stannard, Chief Executive of Salford City Council in Greater Manchester, has been appointed as the new Chair of the Institute of Economic Development (IED) Board of Directors.
In a long and distinguished career in local government spanning over 25 years, Tom has worked in a variety of senior economic development, regeneration, growth, skills and policy roles at councils across the North of England and London, and is a former Deputy CEO of the UK Learning and Work Institute. He was appointed Chief Executive at Salford City Council in February 2021.
As a National Spokesperson for SOLACE and a Commissioner for the Living Wage Foundation, and formerly as a Board Director at the Centre for Local Economic Strategies (CLES), Tom has developed a reputation as a nationally recognised specialist in local government, public service reform and delivering inclusive economic growth.
 Tom Stannard A Chartered Surveyor by profession, Tom has been an IED member since 2017 and a Board member since 2019. Following the Institute’s Annual General Meeting on 5th December, Tom replaces outgoing Chair Bev Hurley CBE, who remains on the IED Board of Directors after six years as Chair and two years previously as Vice-Chair.
“I am delighted to be appointed Chair of the Institute of Economic Development as the pre-eminent UK-wide body representing our diverse profession, and I am keen to build on the impact and growth we achieved under Bev, who has done an absolutely sterling job in driving membership and engagement,” Tom said. “The IED, as a UK professional body, is totally unique. It represents the group of professions with the highest impact on the national Levelling Up mission. We already have over 1,000 members, both individuals and organisations, and we aspire to double in size as part of ambitious plans for future growth. I have personally seen the benefits as a member, with the IED’s sector-leading advocacy, insight, network and CPD programmes that have supported my development over the years.”
The past 12 months has been a reminder of the diversity of economic development: through placemaking, regeneration, town centre management, infrastructure delivery, land and property development, enterprise promotion, business support, inward investment, employability, skills, innovation and other fields of general economic development, demonstrating how IED members support the sector in its widest sense.
“That goes even further when you consider the ever growing synergy with professionals in planning, surveying, engineering, highways and transport and other fields, as well as the enormous impact that economic development can have on health and well-being outcomes,” Tom explained. “Our increasingly diverse membership is drawn from local authorities, LEPs, higher education institutions, government departments and consultancies supporting economic development and we aim to expand this further. Promoting greater diversity and inclusion in economic development will be a key priority for me in leading the Institute. I also intend to develop strong partnerships with other professional bodies. That includes on advocacy, public affairs, policy alliances, and giving better access to our excellent CPD offer.”
Tom continued: “This is an exciting time for the IED. The top government priority is to fix the economy which our members are right at the heart of delivering. The opportunity to lead, as Chair, a mission to support professionals to build the foundations of future places was very hard to resist.”
Bev Hurley CBE added: “I am delighted to formally welcome Tom as our new Chair. It has been a great privilege to serve the profession, and I am staying on the IED Board as a Director to continue to do so. I look forward to supporting Tom, Board and IED members as we move into our 40th year as a successful professional body.”
Oysta Pearl+ allows patients to return home an average of three days faster
Camden Council, in partnership with Oysta, has successfully piloted a care tech device to allow residents to return from hospital sooner and be fully supported to recover at home.
So far, the Oysta care device has supported over 200 residents who were medically fit enough to be discharged from hospital but required ongoing social care support at home to leave hospital sooner, reducing pressures on the NHS.
The ‘Help at Home’ mobile device, provided to residents who are supported by Camden’s adult social care service, has a falls sensor, status alerts and an SOS button linked to an Alarm Receiving Centre, allowing people to recover independently at home but knowing help is readily available.
Residents who were given the device returned home on average three days sooner than those waiting for a social care assessment before they could leave hospital, freeing up hospital beds and helping to address patient backlog.
Calls from the devices go to Camden Council’s ‘Careline’ which allows care teams to respond to calls directly.
Following this successful trial, the care device will now be used permanently for adult social care users in Camden who are returning from hospital.
Councillor Anna Wright, Cabinet Member for Health, Wellbeing and Adult Social Care, told GPSJ: “These Help at Home devices have allowed people to return to their own homes faster, with the confidence that they have technology-based support at the touch of a button. Using these devices, linked to our Careline team, not only provides peace of mind to the individuals and their families but allows the hospital social work teams to develop a plan to support people with what matters to them. But it’s more than just an alarm: our residents can talk directly to our teams through their devices, who also receive alerts in situations such as someone having a fall, allowing us to send a team around to help.”
Mario Zuccaro, Founder of Oysta said: “What we’ve demonstrated in Camden is that not only can our device free up beds for other patients with urgent need for treatment, but we can reduce the unnecessary risk that a longer than necessary stay in hospital can bring. Some people around the country are waiting weeks for their care assessments and by using an Oysta device they have something to keep them safe and monitored which also takes the strain off under pressure social care teams who can schedule in visits in the person’s home when they have returned from hospital.”
A Camden resident who was given an Oysta care device said: “After a long stay in hospital I was desperate to get back to my own home. The staff at the hospital gave me a device whilst I was still on the ward so I could get used to it and I was surprised how easy it was to use. On one occasion I used my Oysta Pearl to call for help after a fall and within 20 minutes the Careline team were at my door to help me. I would recommend it to anyone in my position who was medically fit to be discharged. I had a care assessment when I was back at home and the Council were able to provide me with the things I needed to stay in my own home.”
For more information on Camden’s Adult Social Care service head to: camden.gov.uk/adult-social-care
To find out more about the Oysta Care Device head to: oysta-technology.com/
The challenge:
The Royal Navy wanted to improve retention by understanding more about the lived experience of personnel and addressing common pain-points. The 40,000-strong staff includes sailors, engineers, medical staff, shore-based civil servants, trainers, and auxiliary service personnel. By the nature of their roles, the majority of personnel are not desk-based and prefer to use their mobiles to gain relevant updates.
The decision was taken to create a secure progressive web app, ‘MyNavy’, designed to support personnel from recruitment to retirement.
The Brief:
The Royal Navy specified that the app had to meet core directives:
- to extend MyNavy’s availability to the entire 40,000-strong force
- to deliver targeted, personalised messages down to unit level
- to meet and maintain the highest level of military security clearance from a personal device
- to continue to expand over time, with additional functionality based on user need
How MyNavy was created using Umbraco:
Digital product and service design agency, Great State, was selected to develop the MyNavy app. Great State used open-source content management system (CMS), Umbraco, for building the progressive web app because of its security, intuitive editing, seamless integrations and extensibility.
Andrew McKaskill, Lead Technical Architect, Great State, explains, “From a technical perspective, MyNavy uses Umbraco as its control centre. There’s an API gateway, an identity system and our front-end web sites, but the only place where editors are logging in to make any changes is Umbraco. The ease with which new editors can be brought up to speed on how to create content is a real bonus. As developers, we really value the way that Um braco enables non-technical users to edit the content but also constrains what else they’re able to do so that they can’t inadvertently break the system.”
To address reported frustrations with obtaining fresh uniform, Great State integrated Ucommerce to power MyNavy’s uniform ordering service and built the MVP within twelve weeks. Data pulled from the Ucommerce engine is merged with stock level data from the internal Navy systems and managed within Umbraco’s content editor. Umbraco Forms was used to build six custom forms for special uniform orders and to gain user feedback on beta trials.
“Data has to remain on military servers in the UK. Security is built into Umbraco, another reason why it’s so perfect for this app. The flexibility of Umbraco really shines because it can support all these different architectural styles when we’re developing a solution like this,” states McKaskill.
“Umbraco acts as the framework that everything lives around, allowing the Navy to control all of the different app components. When we migrate to Umbraco 10, we’ll be looking at using the composable digital experience platform to incorporate other apps. Umbraco offers us the required flexibility in terms of how we’re able to put together data structures and content. Its extensibility is a real bonus.”
Future-proof composable technology:
The app is based on an extensible platform so that it can deliver comprehensive support covering training and career planning, healthcare management, family support and arrangement of travel, with more functionality added over time.
Umbraco’s composable architecture and headless CMS provides the Royal Navy with the flexibility to select and integrate the most appropriate third-party applications, rather than being locked-into a single vendor’s feature set.
Improving the lived experience of personnel:
MyNavy has been used to digitise previously analogue processes that were causing frustration. A user survey found that 91% of respondents reported that the click-and-collect uniform ordering service improved the experience and saved time.
 The ‘Announcements’ feature allows targeted messages to be sent to units, or bases. Nominated editors log into Umbraco, tailor announcements and select the recipient group, so that relevant information is shared with 2,000 people within their unit, rather than broadcast to the whole force. Naval personnel now receive relevant notifications that will enable them to prepare for promotion, apply for new opportunities and progress their careers.
Great State also built a Joint Medical and Employment Standard (JMES) feature into MyNavy which includes a video to help personnel to understand their JMES data. The Healthcare feature helps people to take ownership of their medical status and improve their operational readiness.
Measurable Results:
Built as an internal platform, access has been extended to the entire force of 40,000 people, including civil servants, auxiliary services and Naval Reserves. The platform was accessed more than 168,000 times in a single month, equating to 75% of the force using MyNavy and 84% of users accessing it from their smartphones. The ‘Have Your Say’ feature has provided valuable feedback to Royal Navy command and generated user-led recommendations on new features that could be included in MyNavy.
Today, MyNavy is used by 35,000 people all over the globe, with 8,000 visits registered every day. It has removed the frustration of previously analogue processes and has digitally connected and empowered a globally dispersed workforce. The MyNavy app has been hailed by the first and second Sea Lords as an example of transformation best practice within the armed forces.
 Nigel Dews Restore Records Management has been awarded a £5.857m contract by the Department for Work and Pensions (DWP) to transfer approximately 375,000 boxes of records into off-site storage and provide retrieval services.
The three-year contract, worth c£1.9m a year, will see records moved away from DWP’S on-site location at Heywood Stores, near Manchester, for the first time.
They will be transferred to a specialist Restore facility, also in the Northwest of England, with migration beginning in November 2022.
The contract includes 600 file retrievals and returns per day, allowing the DWP – the UK’s biggest public service department – to access information on demand.
Secure destruction services will also be provided in line with the DWP retention policy.
The news comes just weeks after Restore, the largest UK-owned records management company, announced a 10-year deal to manage more than 10 million archive assets for the BBC.
Nigel Dews, Managing Director at Restore Records Management, said: “This is another exciting and important contract win, which extends and enhances our existing relationship with the Department for Work and Pensions.
“Our flexible approach and ability to find solutions was key and we are delighted to be chosen for this project. These are exciting times at Restore Records Management.”
The DWP commented: “The DWP continues the relationship with Restore, following the award of the Off-Site Records Management contract and looks forward to working with Restore in the coming years.”
Restore has been working with the DWP since June 2021, having won a tender for the on-site auditing of their inventory.
 Europe’s leader in mobile messaging, LINK Mobility, has been accepted on to the UK Government’s G-Cloud 13 Framework of approved supplier services.
Under the agreement, all government bodies from local and central government, through NHS, social housing, to policy and emergency services, will be able to use the G-Cloud’s Digital Marketplace to directly buy LINK Mobility’s Communications as a Platform Service (CPaaS). This means there will be no need for government bodies to go through lengthy tender or procurement processes.
LINK Mobility is a specialist in messaging communications including email, SMS, Google’s Rich Communication Services, as well as mobile authentication used for fraud detection and prevention. Subscribers to LINK’s platform will be able to progress their plans to digitize citizen’s experiences. Within the framework, they will have all the necessary permissions to send messages of all forms such as appointment reminders and important local authority service updates.
Speaking to GPSJ, James O’Hare, Managing Director of LINK Mobility, said joining the framework was testament to the high standards the company has developed to ensure all organisations, public and private, large and small, can have access to secure and agile communications.
He was also quick to point out that the news comes at a time when people’s attitudes to dealing with their council or healthcare provider are changing. “The pace of digital change in the private sector means that people now expect to be able to manage every aspect of their lives online’” explains James. “This expectation now extends to the interactions they have with government bodies. However, the public sector is lagging well-behind – pressures to reduce cost has inhibited the rate at which leaders can adopt digital tools in comparison to the private sector.”
“That’s where we can help reverse this trend and make up lost time with easy to use and manage communication tools,” he adds. “The possibilities to create world-class digital citizen experiences are endless with our technology. Local authorities could cost effectively introduce chat-bots to help with enquiries about bin collections or use SMS to send important reminders to tenants about essential maintenance. At the same time, the NHS can use the platform to send patient reminders with options to confirm or rebook, saving the taxpayer time and money on missed appointments.”
In 2021, LINK Mobility was accepted on to the NHS Shared Business Services (NHS SBS) Patient/Citizen Communications & Engagement Solutions procurement framework, which lets any NHS or public sector organization procure communication services from approved providers such as LINK Mobility.
The news co-insides with LINK Mobility’s appearance at the Digital Health Event at Kensington Conference and Event Centre, this week.
More information about the service LINK offers can be found at www.linkmobility.com/cpaas
 Eilon Elhadad The National Cyber Security Centre (NCSC) has issued practical steps to help tackle the significant increase in the number of cyberattacks resulting from supply chain vulnerabilities. To support this initiative, companies should minimise the complexity of the process, choose as few security vendors as possible, and build adoption programs, explains Eilon Elhadad, Senior Director, Supply Chain Security, Aqua Security.
The UK government is undertaking a major digital transformation initiative, which includes ambitious plans to help the public sector improve its cyber resilience. The Government Cybersecurity Strategy aims to ensure that essential government services remain resilient in the face of increasing cyber threats.
This poses a significant challenge. 777 incidents were handled by the NCSC between September 2020 and August 2021, and around 40 percent targeted the public sector. In 2020, both Redcar & Cleveland and Hackney Councils were struck by ransomware attacks, negatively affecting council tax, benefits and housing waiting lists. Gloucester City Council was then the subject of a further cyberattack in 2021. Clearly, cybercriminals see the public sector as low hanging fruit.
In addition, high-profile cyberattacks, such as the cyberattack on SolarWinds and Log4J, have focused attention on the resilience of the supply chain. These attacks demonstrated how vulnerabilities in third-party products and services can be exploited by cybercriminals and hostile states, hitting hundreds of thousands of organisations at the same time.
The simple fact is that software supply chain breaches are rising fast: increasing by 300% in 2021. Malicious attackers are targeting source code and associated dependencies to create vulnerabilities and backdoors to applications. Supply chain security fears come in many forms: insecure open-source software, container image vulnerabilities and unauthorised access to code are just a few of the concerns. These can inhibit wider adoption of new approaches and create compliance and risk exposure. The question is: how can we more effectively protect the supply chain?
Building bridges to protect the software lifecycle
The first step is to build a bridge between security teams, DevOps and developers with an end-to-end solution that is specifically designed to stop software supply chain attacks. CISOs should seek out a solution), which will defend against supply chain threats from code all the way through to runtime and ensure protection during the entire software development lifecycle, across both the application and the infrastructure that underpins it.
- The supply chain security solution itself should provide automated code scanning that empowers CISOs to assess resources drawn from third parties without exiting their workflows. Other beneficial features to look out for include:Zero-trust CI/CD posture management that enforce Least Privilege Access and minimise security risks that arise from potentially dangerous misconfigurations in DevOps platforms, such as GitHub, Jenkins, Nexus. It will also quickly highlight insider threats, such as bulk changes to user account access, the removal of required security checks, or changes to a sensitive code repository.
- Automated controls which can spot new or non-compliant CI pipelines and apply customisable security assurance policies at the touch of a button. These should also enable the creation of individual enforcements that will ensure every newly built artifact is signed and scanned for vulnerabilities, secrets and Infrastructure as Code (IaC) misconfigurations.
- Next-generation software bill of materials (SBOM) abilities which allow developers to record every action on the road to final artifact creation. Using this capability means developers can be assured that the code they create is the same code that ends up in production.
- Automated open-source health evaluations which score every open-source package and provide real-time alerts to developers when potentially dangerous packages are detected.
Make defence in depth a priority
Malicious cyberthreats are penetrating the software supply chain with increasingly sophisticated attacks on the cloud native stack. Therefore, organisations must ensure that security is embedded in the application development cycle so they can identify and remedy security threats before they cause problems in production.
The Systems Sciences Institute at IBM conducted research that confirmed that it costs six times as much to fix a bug at deployment and 15 times more during testing rather than repairing it during the design phase. This means that choosing a CNAPP with integrated supply chain security, automated alerts and acceptance gates across the whole code and build stages will provide a considerable financial upside too. It will also make developers happy by eliminating the complicated security barriers that would otherwise block them from maintaining pace with ever faster shipping cycles.
If your organisation wants to introduce proactive security to your software supply chain and ensure release quality, a CNAPP solution which includes end-to-end integrated dynamic threat analysis and runtime defence features is the best choice. It will provide Day One security that halts cloud native threats before they can cause any damage.
Learn more about securing the software supply chain in the public sector during an upcoming expert briefing with Aqua, AWS, GitLab and Contino on December 6. For those interested in uncovering the current risks in your supply chain, sign up for a free risk assessment.
New Advanced Data Inventory Solution to Support Privacy Teams with GDPR, CCPA, LGPD and Other Global Privacy Regulations
Exterro, Inc., the industry’s first provider of Legal GRC software, which unifies e-discovery, digital forensics and data privacy to drive successful, defensible outcomes for in-house legal, IT teams, privacy and law enforcement worldwide, today introduced Exterro Smart Data Inventory, a new solution designed to help organisations build, monitor and maintain a defensible privacy program based on a single intelligent and dynamic data inventory across record types, assets, 3rd parties and processing activities.
In order to establish an effective data privacy and governance program, organisations must be able to quickly attain a real-time picture of the data that exists within their internal environment as well as cross border data transfers. Given the sheer volume of data, many organisations struggle to maintain an accurate and up-to-date inventory which is required to comply with a complex global regulatory environment. Exterro Smart Data Inventory speeds the time to compliance by reducing the time to record processing activities, eliminating redundant questions, automatically detecting high risk processing by regulation, and integrating data discovery technology.
“A company’s ability to meet their compliance obligations is directly impacted by their ability to understand what information they have, where it lives, how it’s being processed and how long they keep it – whether that’s CPRA, GDPR, PIPL, or any other privacy regulation. Without an intelligent and automated approach to building a comprehensive data inventory, this makes an already difficult and time-consuming process, all the more challenging,” said Ray Pathak, VP of Privacy at Exterro. “The Exterro Smart Data Inventory capability is the industry’s first truly integrated solution to seamlessly bring together deep privacy intelligence, process orchestration, advanced artificial intelligence (AI), and data governance best practices in a single platform to eliminate many of the headaches that come with having to manually build and maintain a data inventory.”
 Conducting a comprehensive data inventory is considered to be the first, and most important step in building a defensible privacy and data governance program. It’s also the most time consuming and costly stage that when done manually, can take months to complete, is rendered inaccurate or already out of date by the time it is completed, and can cost several hundreds of thousands of dollars. Some of the key benefits that Exterro Smart Data Inventory provides to customers include:
- Accelerated Compliance: Natively integrated with Exterro Data Discovery, Exterro Smart Data Inventory speeds time to compliance with global privacy regulations. Compliance is also accelerated by a fully configurable rules engine, enabling users to create automated policy enforcement triggers based on organisational privacy, security or other internal policies.
- Increased Productivity & Efficiency: Embedded artificial intelligence technology powers productivity gains across departments and stakeholders by personalizing suggestions based on role and response history as well as offering proactive recommendations based on specific regulatory requirements. The Smart Data Inventory also boosts team productivity via automated, AI-driven discovery of personally sensitive data and related data subjects. Exterro Smart Data Inventory also eliminates redundant questions commonly asked in PIA/DPIAs via a powerful rules engine that automatically detects if any sensitive PII and/or vulnerable Data Subjects are part of the processing activity (i.e., business process) which dramatically reduces the time organisations spend to collect data inventory information from their business users.
- Improved Accuracy & Collaboration: A consolidated data workflow eliminates outdated and inefficient survey methodologies such as having to manually administer questionnaires, while enabling business users and privacy champions to collaborate, increasing information accuracy and streamlining the process of recording, reviewing, and approving data processing activities.
- Simplified Operations: Building a comprehensive and defensible data inventory today is mired in complexity due to the exponential volumes of data being ingested on a daily basis and the dynamic nature of the data itself. Exterro Smart Data Inventory helps users mitigate much of this complexity by reducing the effort required to map, organize and contextualize all relevant data and eases inventory maintenance by automatically tracking and capturing any changes within an environment.
To learn more about how Exterro Smart Data Inventory visit Exterro’s website.
Ingenuity and collaboration result in enthusiastic adoption of Imprivata technology at Health Organisations across the UK
Imprivata®, the digital identity company for mission- and life-critical industries, has honoured the achievements of customers from across the UK at its annual HealthCon virtual user group conference, held on 3 November.
For each of the five Awards, which includes a new award for Outstanding Collaboration, there was an overall Winner as well as Special Commendations in the category, which reflects the strength and depth of nominations.
The Proven ROI Award for the customer who has fully leveraged their Imprivata solutions, either by deploying effectively across their organisation, saving time, or realising the value of Imprivata solutions in their workflows, was won by Swansea Bay University Health Board for its commitment to, and deployment of, Imprivata OneSign® and Imprivata Confirm ID™ at Neath Port Talbot and Morriston Hospitals. The adoption of electronic records and rapid access to critical apps like ‘renal’ and ‘Signal’ had significant impact on clinician and patient experience, with demonstrable return on investment.
Matthew John, Director of Digital Cyfarwyddwr Digidol, Senior Information Risk Owner (SIRO) Uwch Berchennog Risg Gwybodaeth at Swansea Bay University Health Board Bwrdd Iechyd Prifysgol Bae Abertawe stated: “It is fantastic that our Digital Services Team have won this award. The Imprivata solution is making a huge difference to the efficiency of our clinicians across the Health Board and therefore having a direct positive impact on patient care.”
Special commendations went to:
Southport and Ormskirk Hospital NHS Trust for its roll-out of Imprivata OneSign across all staff, including clinical and administrative areas. This deployment included early engagement with all staff types, design and inclusivity of everyone, along with a strategy for proactive enrolments organised by the project team, putting patient safety at the front of their delivery. As a result, adoption rates within a short space of time have been impressive, with staff reporting they are delighted with the tap and go functionality and time saved by using the system.
Ashford and St Peter’s Hospitals NHS Foundation Trust and Royal Surrey NHS Foundation Trust for the Cerner and Imprivata OneSign project go-live in May 2022. Across both deployments there were 100,000 authentications using Imprivata in just the first five days, justifying the investment and demonstrating strong user adoption.
The Innovator Award for the Imprivata champion whose success story resonates innovation and achievement within their organisation, went to Manchester University NHS Foundation Trust. The Trust are embarking on their biggest transformation project yet, with the Epic EPR go-live which took place in September 2022. Manchester University NHS FT has been a long-standing user of Imprivata OneSign with 28,000 staff enrolled in the solution. Based on integrations between Epic and Imprivata, the Trust was able to run in kiosk-mode with tap and go authentication, and utilising Imprivata Identity Governance™ managed identities across ten hospital sites providing role-based access to Epic. Using Imprivata GroundControl, the Trust was able to reduce the number of iOS devices required to deliver Epic Rover across the ten sites – with clinicians now able to securely and quickly share iOS devices. In addition, the Trust has invested in Imprivata infection control keyboards and card readers, and are also trialling Imprivata Privileged Access Management.
Dan Prescott, Group Chief Informatics Officer, at Manchester University NHS FT commented: “We are delighted to win the Imprivata Innovator Award which is a true testament to the hard work, commitment and ‘out of the box thinking’ demonstrated through fantastic collaboration between clinical, nursing and technical teams. I set our technical teams on a journey with a goal to innovate the way our clinical colleagues interacted with technology, supporting a new EPR with an ambition to be as seamless as possible whilst ensuring clinicians were at the heart of our technology decisions. This award shows collaboratively we can implement technology to ensure our services are the very best they can be for our patients and for our workforce.”
Special commendations went to:
South Eastern Health and Social Care Trust for its use of Imprivata Identity Governance to rapidly provision 500 new identities in just 25 minutes, to furnish a pop-up vaccination centre to administer booster jabs in the face of the Omicron variant.
Hull University Teaching Hospitals NHS Trust, a long-time partner of Imprivata. After the initial success of Imprivata OneSign, the Trust has invested in Imprivata Identity Governance to provision a further 10,000 identities, and Imprivata FairWarning to proactively monitor applications to ensure patient records are being accessed appropriately.
 The Early Adopter Award for the Imprivata customer that has contributed immensely to product roadmap initiatives, was presented to South Tees Hospitals NHS Foundation Trust. As well as a successful roll-out of Imprivata OneSign with widespread clinical engagement, the Trust has been a trusted partner and pilot site for the Imprivata Virtual Smartcard. The feedback from clinicians on the frontline who have been able to swap their physical cards for the Imprivata Virtual Smartcard has been overwhelmingly positive.
Angela Hopton, ICT System Support Services Manager, Registration Authority at South Tees Hospitals NHS FT commented; “We are delighted to have won the Early Adopter award as when we heard about the Imprivata Virtual Smartcard, it solved a number of issues for us. As well as providing a better experience for users, Imprivata Virtual Smartcard takes up significantly less resource for ICT, as well as removing issues such as sourcing physical cards, printers, consumables and card readers.”
Special commendations went to:
University Hospitals of Morecambe Bay NHS Foundation Trust, for its early Proof of Concept project for Imprivata GroundControl enabling the Trust to deploy shared iPhones on wards, providing fast and flexible access to technology for frontline staff.
North Cumbria Integrated Care NHS Foundation Trust for its vision of a single Imprivata platform to manage identity across the Trust, reducing digital friction for clinicians without compromising patient data security.
The Clinical Excellence Award for the customer whose clinical team stands out as an exceptional proponent of Imprivata solutions, was presented to Ashford and St Peter’s Hospitals NHS Foundation Trust for the Cerner and Imprivata OneSign project go-live in May 2022.
Laura Ellis-Philip, Director of Digital at Ashford and St Peter’s Hospitals NHS FT said; “The team at Ashford & St Peter’s went live with Cerner EPR and Imprivata OneSign earlier in 2022. Despite some initial push back and teething issues, we witnessed over 72,000 tap on events within Imprivata SSO within the initial seven days, and we had a clinical audience that were thrilled with the effectiveness of the Imprivata and Cerner solution.”
Special commendations went to:
County Durham and Darlington NHS Foundation Trust for its ambitious and innovative mobility project, mostly deployed remotely during the pandemic, that delivered a global first with Cerner CareAware across 1,100 shared Zebra devices using Imprivata Mobile Device Access™.
Barking, Havering and Redbridge University Hospitals NHS Trust, an ongoing success story, where Imprivata OneSign SSO and ‘tap n go’ have been deployed as part of the Emergency Department systems at Queens and Kings campus. Great clinical ROI has been achieved with swift logins to patient data.
New for 2022, the Outstanding Collaboration Award for the customer who has demonstrated exceptional commitment to collaborating with Imprivata on the development and roll-out of solutions across the Imprivata portfolio, goes to Bolton NHS Foundation Trust. A close partner of Imprivata for many years, the Trust is a regular beta test site providing honest feedback and constructive suggestions. Bolton NHS FT was the first Imprivata Identity Governance pilot site, and the first NHS Trust to invest in virtual smartcards for all of its 8,000 clinical users.
Brett Walmsley for Bolton NHS Foundation Trust, Director of Digital, commented: “We have had a close working relationship with Imprivata that stretches back across numerous projects. We are delighted to win this award that recognises our close collaboration, and look forward to our continued relationship.”
Special commendations went to:
University Hospitals of Leicester NHS Trust has been working in collaboration with Imprivata for nearly a decade using the Imprivata OneSign platform to deliver a fast and efficient technology service to colleagues. The Trust was an early adopter of Imprivata GroundControl in support of its mobile electronic patient record programme, and has most recently invested in Imprivata Identity Governance and Imprivata Privileged Access Management to help transform the onboarding and offboarding experience for clinical staff.
Royal Free London NHS Foundation Trust is another long-time collaborator with Imprivata and were pioneers of Imprivata Spine Combined Workflow, and will shortly be deploying Imprivata Identity Governance.
Ross Allen, Vice President, International Sales at Imprivata commented: “Despite two years plus of emergency measures due to the global pandemic, the NHS is still able to innovate. The stories we see are an inspiration, and we are delighted to celebrate the achievements of all of our customers who have been nominated and received our top honours. The underlying theme is collaboration, by working together we achieve so much more than in isolation, and at Imprivata we are proud to count so many of our customers as partners.”
For more information on Imprivata’s award winners, the company and its solutions, visit www.imprivata.co.uk
 By Sascha Giese, Head Geek™, SolarWinds
For many people, the pandemic—and the global response to this once-in-a-lifetime event—was a game-changer. The enforced and rapid move to the cloud meant carefully prepared plans for phased IT migration were thrown out the window.
Instead, the explosion of hybrid office environments left public sector IT workers forced to cope with a remote workforce as people abandoned the office to work from home instead.
But as we now know, though this response to the pandemic was pivotal in helping government departments continue to provide essential public services, it did so at a cost.
A study published in June 2022, the SolarWinds® IT Trends Report 2022—Getting IT Right: Managing Hybrid IT Complexity, found the rapid uptake of hybrid IT during this period “increased network complexity for most organisations and caused several worrisome challenges for public sector IT professionals.”
What it discovered is running workloads and applications across both cloud and on-premises infrastructure—and the speed at which these changes were introduced—has proven to be a major challenge.
Facing Up to a New Post-COVID IT Reality
According to the IT professionals surveyed as part of the report, the job of IT teams has become much harder thanks to the new realities of hybrid IT. When pressed, tech pros said they’re unsure about how best to manage this new reality.
Almost one in five (17%) said the acceleration of hybrid IT has increased the complexity of their public sector organisations’ IT management.
When asked to explain why, 50% blamed the increased complexity on the adoption of new tools and/or technologies. And while 40% reported increased technology requirements added to the problem, a similar proportion (31%) blamed “outdated staff skill sets.”
When asked about how confident they were with their organisations’ ability to manage IT complexity, only 12% said they felt “extremely confident.” Half of the respondents (50%) admitted they weren’t “fully equipped to manage complexity” and felt “only somewhat confident” to do so. Only a third of tech pro respondents (33%) said they were confident their organisations are equipped to manage IT complexity adequately.
The Issue of IT Complexity Is Becoming Ever More Complex
When speaking to IT professionals working on the front line of public sector IT projects, the issue of complexity comes up time and time again. It’s as if IT teams are in a downward spiral, with issues of complexity made worse because of limited visibility into networks, apps, and infrastructure.
And as this visibility becomes harder to focus on, it becomes increasingly more challenging to conduct tasks such as anomaly detection, easy root cause analysis, and other critical processes to ensure the availability, performance, and security of business-critical applications.
Though it may be easy for some to dismiss such concerns as being a “post-COVID hangover” or “teething troubles” associated with the new hybrid way of working, the findings from the survey paint a different picture.
Nine in 10 (88%) of those questioned agreed return on investment (ROI) was impacted during an IT project they oversaw in the past 12 – 18 months. A third (36%) said the IT projects took four to seven or more months more to complete than scheduled, and 52% said these projects were extended by up to three months. The reason? Hybrid IT complexity.
The Impact of Hybrid Working Has to Be Taken Seriously
No one can doubt the way public sector IT professionals responded to the pandemic helped governments keep functioning.
But public sector organisations need to take stock of what happened over the last couple of years and speak to those on the front line of this extraordinary IT event if they are to gain valuable insights.
If they do, they’ll discover IT pros want more time and resources to help implement observability strategies and manage hybrid IT realities more effectively. By listening to IT pros, decision makers can gain a better understanding of the impact hybrid working has had on increasing operational complexity.
Blackhawk Network finds four priorities local governments should consider when providing funds to people in need
Since 2020 there have been significant increases in the need for ‘alternative payment’ such as voucher schemes and prepaid cards, to deliver financial support to people in need, as opposed to traditional methods such as cash, cheques or BACS. Blackhawk Network actively provided pandemic emergency relief support and helped to issue more than $2.5 billion in 2021 alone. As we continue to battle the cost-of-living crisis and enter a recession, Blackhawk Network uncovers how local governments can best support in distributing funds and presents vouchers as a positive solution for communities hit the hardest by the current climate.
The research included input from over 1,000 lower-income individuals who received the funds last year. It found almost all (97%) were concerned about making ends meet and a need to support them with utility bills (82%), food (67%) and rent (44%) as a priority during the cost-of-living crisis.
While many people in need are feeling the strain of the current economic climate, local authorities must consider the most effective ways to reach those in need and help overcome their own challenges. The research defines four priority areas that communities would appreciate most:
- Speed to accessing funds: Research found 30% had received a voucher within a day or two but only 11% had to wait more than two weeks. While for cash, this was significantly higher, with 17% waiting two or more weeks.
- Ease of claiming: Vouchers were considered by 71% of the respondents to be an easy way to claim support over pre-loaded bank cards, direct or cash transfer and cheque. 81% agree ease of claiming is essential.
- Choice: 84% of respondents wanted to see some level of control over what the support is spent on with utility bills and food being the most appreciated.
- Ease of spending: Only 7% of participants believe that spending vouchers would be very or fairly hard.
Additionally, insight into national policy makers and local authority representatives highlighted the challenges they face. Resourcing means many authorities aren’t geared up to deal with the volume of disbursements from grants and crisis funds. It can also become a significant administrative burden, with lengthy back and forth regarding financial information. Different methods to distribute funds can also vary in cost-effectiveness, with some, such as BACS, incurring additional transactional fees.
Ultimately, vouchers gained the most positive response when thinking about being awarded funds from local authorities or organisations. While local authorities said it significantly helped alleviate many challenges when using a third-party provider to disburse payments via vouchers.
Chris Ronald, VP EMEA B2B at Blackhawk Network said: “During incredibly testing economic times, we are conscious of the financial struggles communities across the UK are facing, which is why it’s essential that those need help most are receiving support quickly and with ease of access.. While local authorities may not have the resources or tools in place to manage fund distribution effectively, alternatively payment solutions should certainly be considered, and vouchers are an option that ticks all the boxes. They’re an effective way to reach the right people quickly and in a way that’s convenient to them.”
For more information about the research and how to act please download the eBook: blackhawknetwork.com/uk-en/resources/ebook-speeding-payments-people-need
The energy infrastructure expert aims to bring greater flexibility of choice to organisations entering the EV charging market through its advocacy of the Open Charge Point Protocol (OCPP)
Fully-funded and part-funded service options will help remove the financial barriers businesses face when deploying the technology at scale
Energy solutions business, SMS plc, has launched an end-to-end electric vehicle (EV) chargepoint infrastructure solution to help UK organisations establish, manage, and grow their car charging networks.
The new service offers businesses looking to invest in and monetise EV chargepoint assets a full life cycle proposition, from initial consultancy and design of electrical infrastructure, through to technology procurement, installation, and ongoing operation and maintenance (O&M). SMS will deliver its managed chargepoint solutions as a fully funded or part-funded service, helping to significantly lower the financial barrier organisations face when deploying the technology at scale.
 In partnership with charge point operator (CPO) and software-as-a-service (SaaS) company, Clenergy EV, SMS will also offer access to innovative chargepoint management software that allows organisations to manage and monitor all aspects of their business charging network via an Open Charge Point Protocol1 (OCPP)-compliant platform.
With a recent report commissioned by Transport and Environment (T&E) highlighting that there are currently more EV chargepoints in workplaces (33,000) than public chargers (31,500), SMS looks to assist private and public sector organisations across both of these key market segments, supporting the UK Government’s EV Infrastructure Strategy to reach 300,000 chargepoints nationwide by 2030.
In addition to workplace and public charging, SMS is also targeting the destination charging market – which broadly refers to chargepoints installed by leisure, retail, and hospitality businesses – as well as the fleet sector.
SMS brings to the EV charging marketplace significant energy consultancy and engineering heritage, with the company having played a leading role in delivering some of the UK’s flagship utility infrastructure programmes over recent years. This includes the Government-mandated smart meter rollout, the development of grid-scale Battery Energy Storage Systems (BESS), and expert electrical infrastructure support for the telecom industry’s new 5G networks.
Guy Bartlett, Managing Director of SMS Energy Services division, said: “As an independent, tech-agnostic EV charging partner, other than our considerable expertise helping establish the UK’s critical electrical infrastructure, what we look to bring to the rapidly growing chargepoint market is a crucial flexibility of choice. Unlike many of our closed network competitors operating in this space, our goal is to help customers seize total control over who supplies their chargepoint estates, helping select the hardware that best fits their precise business needs, whilst also providing the engineering skills to deliver an optimum charging solution.
“At SMS, we believe that encouraging and enabling interoperability across the UK’s EV chargepoint network is essential to helping create the best possible experience for drivers, which will in turn improve general uptake of EVs and ultimately help strengthen the business case for investing in chargepoint infrastructure. That is why we’ve chosen to partner with Clenergy EV and offer our customers the benefit of OCPP-compliant software, which allows network owners to control chargepoints from multiple manufacturers via one platform.
“We also believe that cost should not stand in the way of businesses who wish to benefit from the many commercial and environmental advantages made available by EV charging assets. We’re proud therefore to offer the marketplace our funded solutions that remove one of the major obstacles to asset investment.”
|
NEED AN UP TO DATE DATABASE? 
|
Recent Comments