As more and more critical business data and information is stored in computer systems there are a number of security considerations and practices that deserve attention. This article is the first of our two-part series looking at Security Practices for your organisation or home. In this article, Andrew McLean explores two important aspects of security – viruses and unauthorised access.

Virus Protection

We often get asked "what's the best anti-virus software?" That's like asking a group of people "what is the best car?" Raise the subject of anti-virus software with a group of computer experts and you will get many different opinions. So it is wise to give some thought to just what your requirements are before you buy.

Here are some things to consider when selecting anti-virus software for your computer

1. Retail box or download

Many good software products are not sold in retail chain stores but are available for secure purchase and download from the internet. This sometimes makes it harder to ask questions about the product, but remember that the retail sales person has a vested interest in recommending the product that they stock. Just because a large chain store stocks the software doesn't mean it's the best software for your needs.

2. Impact on PC performance.

This can be a tough area to gauge just by looking at the software description. Check out the 'Minimum System Requirements' to see which software needs more resources (e.g. memory). Also, consider installing a time-limited trial version of the software (if available) to test it for yourself before parting with your money.

3. Updates & upgrades.

All anti-virus software should entitle you to download the latest information (updates) about any new viruses for free, for the duration of your license subscription. Some software products also entitle you to upgrade for free if a newer version of the software is released, whilst others make you pay an upgrade fee.

4. Price.

Software licensing comes in many different configurations, so make sure you are comparing the same kind of software license when you are comparing prices. Factors that influence the price include how long your subscription is for (allowing you to download those free anti-virus information updates), how many PCs can use the one license and whether the software is being installed in a student/academic environment, home, business or not-for-profit entity.

5. Management

If you run a business with more than one PC, a 'network edition' may be right for you. This allows the updates to be downloaded by one of your computers and distributed to the rest of them, instead of each PC downloading the update. It also provides an overall view of whether the software is working on each PC and if any infections have been found. These features reduce the time (and cost) it takes to manage your anti-virus software across multiple computers.

6. Additional features

Many anti-virus software vendors now also produce 'security suites', which include firewalls and protection against spyware, malware and spam. It may be more cost effective and resource effective to run one product to handle all of these security aspects.

Firewalls

Did you know that when your computer is connected to the internet, it has over 131,000 'ports' that a hacker could connect to? These ports are like doors in a building and if they aren't protected properly, then someone could sneak in without you noticing. If the hacker is not installing a virus, they can still do some serious damage without alerting your security software, including transmitting your personal information.

So how do you watch all of these doorways to your information? You need a firewall!

In construction terms a firewall is a fire-resistant wall that subdivides a building to stop the spread of fire from one area to another. In computer terms, we need to stop communications between your computer and others on the internet. A total block of all internet communication would be useless though, so you need a way of selecting which type of communications you want to receive. For this, computer firewalls have rules and filters much like construction firewalls have access doors.

Firewalls can be on a hardware box (a separate unit or part of your internet modem or router) or can be software installed on your computer. Most popular security software packages also include a firewall. A hardware firewall is great for providing a barrier before your computer is even reached and will also mean that your computer doesn't have to spend its precious resources on running the firewall software. It also reduces the risk of the firewall itself being compromised, as some viruses can try and disable security software features that are running on your computer. The downside is that a hardware-based firewall can be more expensive and not as easy to configure and maintain if you are unsure of how to use them.

The Windows Firewall (on Windows XP Service Pack 2 and Vista) only examines inbound communications coming into your computer from the internet. If your computer becomes infected then your outbound communication to other computers on the internet won't be examined or filtered. This can turn your computer into a source of infection, impacting your security and internet connection.

If you are doing something specific (like installing new software or troubleshooting a connection problem) you may need to temporarily disable your firewall. Software firewalls may alert you that a connection has been attempted and blocked and may ask if you wish to allow that kind of connection in the future. In general, if you are doing something new which would probably involve a connection to the internet, you can allow the connection – either 'this time only' or for all future connection attempts. If in doubt, block it, as you can always allow it later if you find that it is needed.

Conclusion

Best practice demands that computer data and systems are secure. It is your decision as to how much your data, and access to that data, is worth to you and how much it is worth to know that it is secured. If in doubt you need to seek help from an expert to ensure that the most appropriate measures are taken to protect your data.

In the second part of this article, I will look at the new challenges arising from the growing presence of wireless networks.

Andrew McLean is Director of Computer Troubleshooters – Charlestown and a contributor to various journals and newspapers. For further information contact Andrew McLean

While the traditional approach to solving IT problems may involve the preparation of a tender, software evaluation and subsequent acquisition of the most appropriate solution, there is another way! Venkatesh Ramarathinam compares this approach to one looking at workflow solutions and business processes and explains the benefits to be gained.

The Conventional Route

Bob, IT Director for a leading accounting firm walks into a meeting with the key members of various divisions of the firm. They have all gathered in this room to discuss the need for another software system, this time to store documents in a single place from where people can collaborate easily. Just a month ago, the company bought a piece of software worth a few million dollars that will allow them to report on historical data. And a month prior to that, they had hired few IT developers to maintain the 30+ existing software systems.

By the end of today's meeting they hope to come up with a list of key requirements for this new document storage system. Bob kicks off the meeting by asking each person in the room to describe how they manage documents today. Five minutes into the meeting and he sensed disaster. He got 10 different answers and there were 11 people in the room. While they all were explaining the same process, each person has adapted his own way of doing work and have come up with their own "technology" to help them get the work done. Bob quickly realized that the discussion was going nowhere, and turned to his IT Manager and asked why his team had not spotted this earlier and put something in place for the business users. His IT manager suggested that he hadn't any clue about this until a few minutes ago.

So here we are, over a period of time, no one knows when, the business had a new requirement; people had the need to search, find, retrieve and associate documents to cases, have invented their own way of getting this done, but ineffectively, and now IT has been requested to come up with yet another solution.

The above scenario, though fictitious, could very well resemble something you have experienced in the past. I have used the example of the need to manage documents effectively; but this could very well be the need to "build" a "system" that keeps a record of each customer and their documents and records in one place; an existing system that now needs to be "updated" as the governing laws have changed, or simply the need to "build" another system so that two existing systems can exchange information. Whatever maybe the situation, the solution, historically speaking, has been to issue a tender, evaluate a few products and buy the one that seems to check the most boxes. There are quite a number of issues with this kind of a traditional approach to solving IT needs. First, let me explain some of the key challenges with this approach and then present why more and more people are moving towards Business Process Management (BPM) a.k.a workflow solutions.

Challenges with the conventional approach

• Changing your business to fit the software

No two organizations do business the same way. No two companies have the exact same vision and mission. No two companies follow the same approach in exceeding customer expectations. There is always competition, and each organization would prefer to be one up and do better than their competition. If that is the case, then how is it that we all buy the same software and expect it to work according to our specific requirements? When we buy software that meets the most requirements for the specific scenario, we decide to make compromises on the other requirements it doesn't meet, and end up changing our business to how the software works! Common sense would suggest that the software is what should adapt to our way of doing things, so we can focus on our business and maintain our competitive advantage.

• No visibility into any process from start to finish

So, we bought this software that solves a specific problem, and now we find that we have another new requirement. The last software we bought cannot be extended to address the new issue, and what do we do then? Go out and buy another piece of software. Within no time we end up with this pile of different products and god forbid more applications that were built in-house by our IT team, because no product out there could do what we wanted it to do. Each piece of software does not talk to the other and now we end up with this mess, where our data resides in five different systems, files in another ten systems and customer's record in eight different systems. Simple reports such as the time it takes to convert a sales enquiry into new business, time to respond to a customer or even the number of active cases an accountant is handling becomes massively impossible to generate – as data is distributed across numerous systems and is also simply missing in more than a few cases.

• Huge costs/low return

It's not just the fact that we have all these different software systems; the issue gets compounded by the need to maintain these systems. Any change to an existing system requires massive effort, regular updates and maintenance costs add up, infrastructure setup and maintenance bills are constantly on the rise; you now need more training effort, more change management, more documentation and more and more effort is constantly expended in trying to "fix" things.

The BPM Way

Put in different terms, a BPM tool, provides you with a "platform", where you define your users and the different groups they belong to, your business rules, define the pages and content for each user or group, create common folders that can be shared across business functions, and then use all these to define your business process. A business process could be defined as a collection of work that has to be done by different users and a set of background actions that must performed by the system. At each step in your process, the system automatically collects various metrics such as the time it takes to complete each step or the number of tasks pending for a particular process.

Think about it, and you will realize that each and every function of your business is a process – a set of events that are triggered by certain conditions (such as a new customer), and driven to a specific outcome(s) (taxes filed for a specific year) while following a set of defined steps (collecting and securely storing personal information, setting up reminders for follow-up and such). Being a platform, and not a pre-built software solution, you are now powered to finally have the software fit to your requirements rather than having to change your business.

You will also have all the right metrics on task and process duration, resource utilization, and business performance. All these metrics are also based on current utilization rather than having to rely on predictions based on past performance. The overall system maintenance and administration costs are also drastically reduced as you now have one system that people interface with, while in the background the system does the interfacing with all other applications.

There are also other key advantages of a BPM tool:

1. Rapid Development

2. Collaborative suite of applications

BPM tools come with pre-built blocks of functionality, that you drag and drop on to a canvas, connect and configure, and within a few days, you have your fully functional business process automated and ready to go. The key benefit here being that you don't want long cycles for a system to be available, but rather provide the business users very early opportunity to provide their feedback, so that the finished process looks like what they want, rather than what the developers want.

A BPM tool such as Appian also comes with its own document management and content management modules. This provides users with powerful tool where they can build their own case management application from scratch.

In conclusion

BPM is by no means a cure all kind of solution. But it will get you there when properly implemented. BPM offers immense potential to analyse, optimize, and improve your existing business functions thus providing you with the capacity to address increased volumes of existing business or even take on more new business. Why not investigate the BPM route?

Venkatesh Ramarathinam is currently taking care of the APAC operations of Appian, a provider of BPM Solutions. He has over 5 years of experience in the BPM space, working with various customers across the globe in assisting them with building a workflow solution and optimizing their business processes. For more information, visit www.appian.com

Six Sigma has been adopted by many organisations as a methodology to better control projects and deliver benefits. However there have been many examples where projects managed under this methodology have failed. Anne Hudson explains some reasons for the failures and describes some preventative measures that can be adopted.

• Lack of team cohesion and leadership
• Lack of effective tools to support projects and optimise the process
• Difficulty leading distributed teams
• Lack of Sustained Management Engagement

Results of a recent survey published on www.isixsigma.com shows that 60% of respondents cited 'lack of sustained executive sponsorship and commitment" as a key factor in why Six Sigma projects fall short of expectations. Fifty-eight percent blamed lack of buy-in from frontline managers and employees for implementing and sustaining results on Six Sigma project solutions.

When there is a lack of commitment and buy-in from management, project selection is at risk of failing to address critical business needs. If projects selected for improvement are not considered business priorities, managers will not engage and projects will not get the attention, resources and commitment they need to be successful. A common symptom of the problem is the tendency to set annual project completion targets too high. A consequence of setting over ambitious targets is that teams are more likely to select a large number of small projects that deliver modest financial savings instead of tackling deep business issues that take longer to execute, but have the capacity to deliver significant bottom line results. In the absence of big savings, management support is less likely to be sustained over time.

What is the cost of managers and process owners not buying-in to projects and failing to contribute their knowledge to Six Sigma projects?

The old adage, "involve the people whose commitment you need in the decision making process and they will buy-in to the solution" still holds true. The more you need the commitment and energy of others, the more you need to involve them in decision making. People who have a stake in the project are much more likely to buy-in and provide needed resources, whether its time, money, people or personal sponsorship. The process progressively involves the internal and external stakeholders in thinking about and planning the change, so there is broad ownership.

Getting Buy-in

The Stakeholder Analysis is the first step to developing an understanding of who will be critical to your success, how you will win their commitment, what interests you will need to serve and what resources and authority you will need to attract in order to efficiently and effectively implement the project, particularly when organizational goals are aligned with Six Sigma projects.

With the foresight gained from your strategic stakeholder plan, effective management engagement starts by involving key leaders in selecting high value projects, establishing the scope of these projects and who should be on the project team. Managers involved at this level are more likely to commit resources and less likely to delay decisions or withhold resources during the course of the project. Similarly, process owners are much more likely to contribute time and effort to the project when their interests and needs have been met by the team. Include process owners in your Stakeholder Analysis, and try to identify some early "wins" to sustain their interest throughout the project.

Time is often the most difficult commodity to acquire from the leadership team. So it helps to keep planning meetings as brief as possible. Match meeting duration to your managers typical 30/60 minute time slots. To make the hour as productive as possible, try keeping to a tight agenda. Maintain focus on the objectives of the meeting. Discussion is valuable at meetings but lengthy debates are often unproductive and simply a stage for time wasters. Consider introducing a structured method to process agenda items that encourages discussion but limits time consuming debate.

Also consider what benefits might flow from packaging your meeting methodology into an easy-to-follow process containing your agenda topics, questions, participant thinking prompts and decision points, so that you can focus on achieving your meeting objectives and not be constrained by the meeting process. Consider using tools that accelerate decision making e.g. voting, ranking, prioritizing, action planning. These tools and techniques are regularly being used in process improvement projects. Typically a one day workshop can be completed in half a day.

Leadership Shortfalls

Effective teamwork is a critical component of all Six Sigma projects. Unless teams are equipped with the necessary leadership, skills, attitudes, focus, alignment and motivation they are unlikely to succeed. It only takes a few problems to create a dysfunctional team incapable of achieving a successful project outcome. Poor team dynamics is the major cause of dysfunction which may include:

• Refusal to identify a leader

Team members fail to accept the authority of the appointed Black Belt or Green Belt. In the absence of leadership the team will be rudderless and performance will be negatively affected.

• Failure to establish roles and responsibilities.

This area includes skills and individual expertise. When there are no clear roles, effort is likely to be wasted or duplicated and the skills necessary to complete the project may be absent from the team.

• Absence of goals/objectives to guide the project.

The old saying holds true, "If you do not know where you are going, you are never going to get there".

• Members have no understanding of how they are going to work together as a team.

Without some team building activity teams will lack cohesion, trust, discipline and the motivation to excel.

• Failure to use quality tools

The absence of tools to implement the DMAIC (Define, Measure, Analyse, Improve and Control) methodology can lengthen the project cycle time and reduce team productivity.

To help teams become more effective:

• Focus team effort on achieving business results

This creates a common purpose and context for decision making. A useful hierarchy is to establish project team goals, roles, procedures and relationships during the first team meeting.

• Articulate and enforce "a few team rules"

This creates the necessary cohesion and fosters goal-directed collaboration in strategic and creative thinking, meeting management and teamwork itself. Review the rules periodically to encourage achievement of higher standards. Benchmark against the highest performing teams.

• Create higher standards for idea generation, prioritization and action planning

This ensures that more information is considered and potential consequences are anticipated. Decision making improves when team members are motivated to create superior ideas. Better project outcomes result.

• Encourage personal accountability

Team members will perform their assigned roles more effectively and provide value-adding contributions when they understand they are personally accountable for project outcomes.

• Use a structured methodology
  • Clear expectations of the lead
  • Mission statement and team goals
  • Shared view of what the project should look like
  • Clarity about each person's role in the completion of the project
  • Team norms including metrics
  • Adequate time commitments from each member
  • Agreed upon norms around communication
  • Mix of synchronous and asynchronous communication

Thirty-three percent of survey respondents blamed "lack of a structured methodology" for short falls in Six Sigma projects. New programs that integrate online collaboration with a structured Six Sigma methodology have the capacity to accelerate project cycle time and contribute to management buy-in. High performing teams with a systematic, structured methodology and the right collaboration tools can reduce project cycle time by as much as 92%.

These integrated tools and processes also provide leadership support to Belts who are required to demonstrate high levels of competence in three diverse areas - statistical analysis, team and stakeholder management and meeting facilitation – all of which require different skill sets and increase the complexity of facilitating Six Sigma facilitation projects.

Armed with a structured, collaborative methodology and online tools such as meeting agenda guides, statistical tools, a facilitation "script" and a roadmap increases productivity, decreases leadership complexity and increases the potential for more successful projects, delivered on time and on budget.

Results in less than half the time

While information technology pervades almost every sphere of business and delivers countless productivity and cost benefits, it is surprising that there is so little high tech is used in meetings. Ask anyone who regularly attends meetings and they will say that meetings are a necessary evil, but they waste time, lack focus, few decisions are made and discussion is often dominated by a few opinionated people. The time it takes a project team to work serially through a whiteboard or sticky-label session cannot match the productivity of collaborative software tools that reduce project time by up to 92% (IBM Research).

PC-based meeting tools are designed to facilitate effective teamwork and collaborative decision-making in meetings, workshops and conferences and can be used in face-to-face, distributed or a combination of the two modes – either synchronously or asynchronously. Imagine rapid problem solving in a shared space. Everyone is able to instantly add-value to other ideas. All participate. Decision support tools move ideas through a flexible process including categorizing, ranking, action planning and reporting.

Some of the available tools are customized to the Six Sigma methodology to further accelerate projects and gain consistency across all projects. These tools also provide action learning environments to accelerate new Belt training and a "corporate memory" for lessons learned from projects. Buy-in is enhanced because more stakeholders can be involved in decision making; everyone has their say and no one can dominate meetings.

Working with Distributed Teams

Managing distributed teams may become the single biggest challenge in Six Sigma projects. The increasing need to manage team efforts in different locations and time zones and across organizational boundaries is amplifying the complexity of project execution. Six Sigma projects already require high levels of group problem-solving, interpersonal communication and leadership. However, it's a fact that while dispersed teams require more management and communication, and they often get less.

Managing cross cultural issues

Managing a multicultural, trans-global project team presents specific challenges to team leaders. There are cross-cultural issues which discourage members from contributing their knowledge during virtual meetings, particularly where Belts are relying on local skills and knowledge of team members to identify process improvements. In the absence of good information, outcomes will be compromised.

Conference calls are not enough

Teleconferencing meetings are another major headache. Survey results show that in over 65% of teleconferences, members multitask, often replying to emails rather than contributing to a brainstorming or problem analysis discussions.

Too many balls in the air

Some Belts focus on how to make the people on the team "fit" together with the right skill mix and fail to create the conditions that challenge the team to reach higher levels of performance, better decisions and project outcomes. Conversely, insufficient emphasis on rapport building and team members fail to bond, trust is not established and conflict situations arise, deflecting the teams' focus on achieving results. Perhaps no other factor is as critical to a dispersed team's long-term success as a good start-up.

Maximizing distributed team performance

Maximizing distributed team performance also requires increased team collaboration and communication. It is harder to build a high performing distributed team than a co-located team, yet team effectiveness is vital to achieving project success. Team building, at the outset, helps to establish member roles, enables trust, and helps to create a team language for more effective communication. It is at this stage where team goals are established and individual team members determine whether their personal agendas align with the team's agenda.

An effective start up should get the team through the Forming stage of team development, and eliminate the high degree of uncertainty members feel about the group's purpose, structure and leadership. Start up should include:

In the Storming stage, there may be team conflict around issues such as leadership and loss of individual control which need to be addressed. In the Norming stage members develop strong relationships and cohesiveness. They share a common set of expectations and demonstrate cohesive group behaviour. When teams enter the Performing stage, they are fully functional and focused on achieving the objectives of the project. Teams are dynamic entities and subject to problems and issues requiring leadership and understanding.

Summary

The difference between a successful project and one that fails to meet expectations has more to do with people and how they work together than with quantitative analysis, important as it is. Tools and structured processes can make the difference between a good and excellent project.

Anne Hudson is CEO of Grouputer Solutions. If you would like more information about on-demand collaborative programs for Six Sigma, please contact us via email or call, +61 2 9960 1408

In this issue we have identified a number of issues and trends for our contributors. Below is a miscellaneous selection of websites and references that has been compiled to help interested readers undertake further research on these topics.

- Security - Viruses -

There are so many anti-virus software packages in the market-place that it is difficult to know where to begin.

To understand more about anti-virus software check out the wiki http://en.wikipedia.org/wiki/Antivirus_software where there is a history of the anti-virus market, background reading about the methods used by many of the anti-virus vendors and a summary of the issues of concern.

For a more detailed understanding check out the section on http://www.howstuffworks.com/virus.htm which explains “How a Virus Works”

Ever thought about the added risks that remote workers bring to your network by introducing viruses from their home machines? Scott Bradner raises some interesting issues in “Human and computer viruses are both security risks” at http://www.computerworld.com/s/article/9137304/Human_and_computer_viruses_are_both_security_risks

For those who are not aware of what viruses and can do PC Authority has described “Top Ten Worst Viruses)” http://www.pcauthority.com.au/News/143993 top-ten-worst-viruses.aspx . Written in May 2009, this article describes the viruses and what impact they had.

Security – Firewall

As for Viruses there is a wiki about firewalls at http://en.wikipedia.org/wiki/Firewall for those who want to learn more about firewalls. And also information at http://www.howstuffworks.com/firewall.htm

Of course if you Google firewall software you will find links and references to many of the software packages that serve this segment of the marketplace.

Security - General

A worthwhile site to spend some time reading is the Office of the Australian Privacy Commissioner. While primarily providing information about protecting your privacy, one section of its http://www.privacy.gov.au/topics/technologies is devoted to information related to the Internet, Communications and other technologies.

Many of the banks also provide information for their customers about online security. This information is aimed at ensuring customers who are doing online banking are taking adequate measures to protect their computers and data. As an example check out the Commonwealth bank’s advice at http://www.commbank.com.au/security-privacy/online-security/online-security-tips/

- Digital Strategies -

For any organisations considering utilising new media as part of their strategy, Wed central have published an interesting paper called “Unleashing the Enterprise Broadcaster Within: Preparing for Today’s Digital Media Revolution” http://www.webcentralcorporate.com.au/repository?file=MediaPoint%20Whitepaper.pdf

The article explores options for investing in the necessary infrastructure.

The Department of Broadband, Communications and the Digital Economy has published the “Australia's Digital Economy: Future Directions” paper. http://www.dbcde.gov.au/digital_economy/future_directions_of_the_digital_economy/australias_digital_economy_future_directions The paper includes information on why the digital economy is important for Australia, the role of government and some case studies of Australians who have successfully engaged with the digital economy from a diversity of industries including content, e-health, maps, banking, education, smart technology and citizen journalism.