Sunday Business Post - Computers in Business - April 01 2007
Technology vendors are promoting machines which are friendly to the environment but which can also save money, writes Dermot Corrigan.
Energy efficiency is the phrase on everybody's lips today. On a global scale, there are sweeping climate change announcements, while here the Irish government has introduced the 'Power of One' initiative to try and persuade Irish consumers to use less energy by doing simple things such as turning off the lights when you leave the room or only using the dishwasher when it is full.
Big technology vendors are aware of the way the wind is blowing and have introduced a number of new energy efficient servers and PCs. These vendors are also aware that, while Irish businesses might care about the environment in theory, they are generally more worried about their bottom-lines.
Hence the introduction in recent years onto the market of products which ensure that purchasing decisions can be both environmentally conscious and economically shrewd. The latest energy efficient servers and desktops consume less energy and also cost less money.
"The economic reasons for adapting energy efficient technology now far outweigh the environmental reasons," said Brian Kavanagh, Primergy product manager with Fujitsu Siemens Computers. "The economic barrier that was there in the past has been taken away, where if I wanted a green PC well I was going to have to pay a premium. Now the costs involved are actually reduced because a green PC is more efficient than a normal PC."
Richard Barrington, head of public policy for Sun Microsystems in Britain, said that businesses which purchase energy efficient technologies generally fall into three camps.
"Some people think of their corporate reputation and are interested in energy efficiency in terms of climate change, these are your BTs or Skys of this world," he said. "A much much bigger group of people are buying energy efficient because energy is costing more and more and people are looking at their bottom line and saying we want to do more with less. Then there are third group of people, including a lot of our big corporate customers, who are running out of space, or cannot get enough power into their data centre."
There are a number of factors which have fallen into place to tilt the balance in favour of energy efficient solutions. The first is that global energy prices have risen sharply.
"What has driven this over the last few years is utility expenses have shot up worldwide," said Eddie English, of Dell. "Probably in the last three to four years on average energy costs have gone up by about 20 to 25 per cent. A lot of people have arrived at a situation where they have to do something because their energy costs are too high."
Meanwhile, the IT equipment used by organisations has become much more powerful and requires a lot more energy to run.
"As electricity costs are increasing, power consumption on modern machines is increasing as well," said Mike Hughes, Windows client manager with Microsoft Ireland. "A PC today needs four or five times as much power as a PC would have a few years ago."
A third reason which has lead Irish businesses towards energy efficient solutions is that they are now using a lot more physical IT infrastructure than in the past. Organisations using data centres, especially, have seen their requirements shoot up.
"Storage requirements are growing phenomenally, up to 50 per cent per year," said Gavin Jones, business development executive, energy & utilities industry with IBM.
The combination of all these factors has placed energy efficiency clearly on the agenda of anyone charged with making IT purchasing decisions in Irish organisations. It also means that managers should consider the 'total cost of purchase' of a piece of IT equipment, rather than just looking at the sticker price upfront.
"Businesses should look the costs down the line," said Kavanagh. "If you are saving €100 on a PC up front it could be costing you a lot more over five years. I think Irish customers are starting to see that they should not always just go for the cheapest upfront."
The server and data centre space is where the highest energy costs are generally found. Consequently this is where the greatest savings can be made by introducing energy efficient technology, and manufacturers and vendors have targeted energy efficiency as a major marketing point for their products.
One metric that server manufactuers are keen to showcase is the 'performance per watt'.
"In the energy efficient servers we are talking about a 25 per cent improvement in terms of performance per watt," said Dell's English. "A regular server is probably running round about 320 or 330 watts. An energy efficient server, with specifically configured processor and memory, will run at around 260. Not alone does it use less power, but it also performs the transaction so much faster."
English said that this translates into significant cost savings.
"It depends on the cost of utility bills in your country, but in general what we are seeing is about $200 or $220 savings per server, per year. That is fairly considerable when you take into account that a large data centre could have a couple of hundred, if not a couple of thousand servers. You are talking real tangible benefits."
Energy efficiency savings are not confined to organisations with large data centres. Savings can also be made in organisations which are running PCs and laptops.
"Vendors are looking to differentiate themselves in these markets, and it is an advantage if they can say they are greener than others," said Hughes. "For example there are the Energy Star ratings. If your PC is energy star compliant you have to meet certain power usage levels. If your machine is energy compliant that can save you €50 a year."
The rising energy costs focused minds within R&D at the major IT manufacturers to develop technology which used less power. Sun Microsystems' latest servers use 'CoolThreads technology', which Barrington said cuts power consumption by 30 per cent.
Barrington said that this did not mean working harder, it meant working smarter. One intelligent deployment of existing power usages is to ensure that processors used their time more efficiently.
"Basically a computer processor does one thing, and then it waits either for another command from the user or for the memory to return information," he said. "So what we have done is build a computer that every time that processor finishes a job and it is waiting for something else, it starts another job. It can actually do 32 things at once."
"Because of that we have been able to increase the clock speed, make the computer go faster and faster, without using more energy and producing more heat. These processors use about half of the energy of traditional processors."
Dell has introduced their ‘Energy Smart’ technology into both desktop PCs and PowerEdge servers. Hughes said that the new servers can deliver up to 25 per cent greater performance per watt, while reducing power consumption by 20 per cent, compared to industry standards.
Another advantage of energy efficient solutions is that they can play a role in keeping replacement and repair costs down.
"The hotter things are the more inclined they are to break down," said Kavanagh. "If you reduce the temperature by ten per cent you can double the lifetime of the mechanical components within a server, which reduces the total cost of ownership of that box."
Other significant costs for organisations which require a large amount of IT machinery are air conditioning and cooling systems. Dell estimate that 40 per cent of the total power usage in a data centre goes into chillers and air conditioning units.
"Not everyone understands that one of the bigger expenses in a data centre is running your air conditioning units," said English. "A server that is consuming less power is going to be generating less heat, so you can crank down your air conditioning and chilling units and save you a lot of money."
A number of the big server manufacturers have introduced tools which allow customers to see how much energy they might save with intelligent technology purchases.
Sun have developed the ‘SWaP’ (Space, Wattage and Performance) metric. This assesses the efficiency and effectiveness of rack optimised server deployments in a data centre.
Potential customers can use the Sun website to perform the calculation (SWaP = performance / (space x power)) and compare results from different systems offered by each vendor they are considering.
The Dell website features a similar gizmo that allows interested individuals to see how much they can save by harnessing the energy efficiencies of Dell products including laptops, servers and other data centre technologies.
Consolidation and virtualisation also play a key part in adding to an organisation’s IT efficiencies. By consolidating all their IT requirements onto fewer, more efficient servers, businesses can make substantial savings.
"Consolidation and virtualisation play an absolutely massive role in conserving energy," said English. "We have seen some serious advances in hardware over the last year. Some customers have been able to go from a ratio of five or six to one. I myself have seen instances where folks have been able to go from ten machines down to one."
"Other things to look at are things like power supply, which historically has been horrendously inefficient," said English. "In our latest servers we have the efficiency rating up to 90 per cent."
English also said that scalability is another area where organisations can make big energy efficiency inroads.
"Historically if you bought a mainframe you bought it with a lot of upgrade space so your business could grow into it," he said. "Dell is trying to allow folks to buy what they need for now, and then you can add on scalable blocks as they are required."
The nature of energy efficiency savings mean that everyone from the largest enterprise to the smallest operation can benefit from efficient technologies.
"Almost any business can benefit from energy efficient technology because even if you have a small business you are still talking about the bottom line costs of running each machine," said Barrington.
Hughes said that one reason why larger organisations turn to energy efficient technology is that individual staff do not always do as much as they can to help keep utility bills down.
"If you are a consumer, you are responsible for your electricity bills, so you are probably more aware of turning your machine off or not leaving the machine running," he said. "In your own house your automatic reaction is to switch it off. Small businesses are probably more aware of their energy costs as well, but if you go up into larger organisations somebody else is paying the electricity bill, so you do not automatically think about saving energy."
Organisations which are concerned about energy efficiency can also turn to software solutions.
Hughes said that the recently released Microsoft Windows Vista operating system features the ability to ensure that unoccupied machines are not left powered up.
"The most important thing from the power consumption perspective is the ability to make the machines sleep," he said. "If you take a laptop running Windows XP, when you put it to sleep it maybe took one or two minutes to come back to power again. From a usability point of view that is a poor experience, so people will just leave it running. Vista can effectively put your PC or laptop to sleep in about two seconds and bring it back to resume in about two seconds as well.
Hughes added that Vista can allow IT managers to se power settings for individual machines.
"If you want individual machines to power off after five minutes of no-one touching the keyboard, you can set that up and apply it right across the organisation,” he said. “Or you can blank the screen if no-one is using the machine."
The operating system can also adjust the energy usage of each individual machine so that only the required amount of power is used.
"Hardware and processor manufacturers have built in more intelligent processors, so depending on what the PC is doing at the time they can build up or down the power which the processor itself is consuming," said Hughes. "So the operating system can work with the processor, depending on what the user is doing."
Hughes said that optimum utilisation of these features could lead to considerable savings on each typical desktop system.
"There was a study done by the EPA (Environmental Protection Agency) in the US which said there were savings of €48 per machine per year if you use all these policies together," he said.
Some businesses specifically ask staff not to power down their machines at night, for instance so that they do not miss out on important updates, such anti-virus software upgrades.
"Larger organisations may have policies where they put patches on their machines, and they may encourage staff to actually not switch their machine off," said Hughes.
"This is where automatic software settings become more and more important, because you are effectively taking the user out of the equation."
The 'green' motivation for purchasing one product over another cannot be discounted completely. All of the major IT vendors have reacted to their customers' requirements by introducing environmentally friendly practices.
Energy efficient technologies now sit alongside other responsible practices such as multi-pack solutions which save on packaging materials and supplying less manuals and user instructions with bulk orders.
"It is up to the customer, but in the majority of times they will go for it, as there is no additional cost associated with a service like that," said Kavanagh.
Kavanagh added that other environmentally friendly policies of the large IT manufacturers include reducing the use of dangerous chemicals in machine manufacture, increasing the ease of recycling equipment, cutting the fuel consumed by delivery vehicles and using environmentally friendly packaging material.
Jones said that energy efficient purchasing decisions can be publicised by businesses to impress their customers.
"Companies want to be seen as being custodians of the environment," he said. "Also employees like working for companies that are environmentally conscious, so it helps keep good people who want to make a difference."
Wednesday 4 April 2007
Rise of the green machine
Sunday 1 April 2007
Country club development north of Lisbon
Sunday Business Post - Property Section - April 1 2007
Located at the Obidos lagoon, Quintas de Obidos is a country club development north of Lisbon on Portugal’s Silver Coast, which is on the market with prices starting from €600,000 for 1.3 acre plots and from €1.4 million for finished five-bedroom villas.
The development, which is aimed at the higher level of the market, has its own helipad, a country club with spa and swimming pools, and has an equestrian centre designed by leading Irish show jumper Jessica Kurten.
Prices for complete properties at Quintas de Obidos, which include the land, five-bedroom villa, outdoor pool and all landscaping, range from €1.4 million to €1.8 million.
The scheme comprises 79 five-bedroom villas, each standing on at least an acre of eco-friendly gardens with olive trees and biological lakes.
Buyers can choose from one of 16 traditional Portuguese architectural designs. Eight of the 79 plots have already been purchased by Portuguese and international investors.
Quintas de Obidos is a five-minute walk from the beaches and estuary of the Obidos lagoon.
The ancient walled town of Obidos, with its distinctive white houses trimmed with touches of blue and ochre, dates back beyond the 13th century.
Portugal’s Silver Coast region, Costa da Prata, is situated 40 minutes north of Lisbon airport, and stretches from Torres Vedras to Caldas da Rainha.
A new motorway from Lisbon has improved access to the region, which will soon be home to two five-star hotels.
According to the developer, Silver Coast property prices are about 30 per cent lower than equivalent properties in the Algarve, and the area had seen property price appreciation of about 40 per cent in the last three years.
The fully-equipped equestrian centre is expected to draw strong interest to Quintas de Obidos.Kurten, who is a high-profile showjumper, is heavily involved with the project as an ambassador and consultant.
Keeping a horse at livery here will cost about half the equivalent rate in Ireland, and Kurten plans to bring other professionals to Quintas de Obidos for training and schooling.
Golf is also expected to be a major attraction for the development, which is surrounded by the Praia d’El Rey and Bom Successo golf courses.
The Praia d’El Rey is rated the number one course in Portugal by Golf World magazine.
The Estoril, Quinta daMarinha/ Oitavos and Penha Longa courses are also within a 45 minute drive of Obidos.
Monday 26 March 2007
Can podcasting ever pay its way?
Sunday Business Post - Media & Marketing pages - 25 March 2007
Everyone’s podcasting now, but when will the service turn a profit for the big broadcasters? Dermot Corrigan reports.
Irish radio stations are turning heavily to podcasting, but profiting from these downloadable broadcasts is proving tricky.
‘‘At present, we don’t sell advertising around the podcasts and all our podcasts are free,” said Aisling McCabe, sales and business development manager of RTE.ie. ‘‘We do plan to introduce an advertising and sponsorship model around relevant podcasts in the near future, but the exact packages haven’t yet been finalised.”
‘‘There are no imminent plans for advertisements in podcasts,” said Michael Markey, marketing director of Newstalk106. ‘‘I think in terms of web, podcasts and live streaming, advertisers are still finding their way around that whole area.”
Despite this lack of a direct revenue stream, the number of podcasts being offered by Irish radio stations is increasing rapidly. RTE, Today FM, Newstalk 106-108 FM, 98FM and FM 104 all offer a variety of their complete radio programmes minus advertisements, or edited highlights, for download as podcasts. The podcasts are accessed either directly from the station’s website, or via a dedicated podcast provider such as iTunes.
The number of programmes being downloaded as podcasts is also growing quickly.
‘‘The number of RTE podcasts for February was almost double the figure for January,” said McCabe.
There is no external audited method of measuring podcast downloads in Ireland. The iTunes chart is the only independent measurement available, but it only count s podcasts subscribed to in the last 24 hours from Irish locations. This makes the chart unreliable, as it heavily favours podcasts that have been made available for download recently.
RTE sources said the total number of podcasts downloaded from its servers in February was about 160,000. The most popular downloads were Morning Ireland, The Weekly Ryan, Conversations With Eamon Dunphy, Liveline, Playback and Drive Time Sport. RTE currently offers around 50 other podcasts covering news, sport, entertainment, education, historical and documentary/features programming.
Newstalk1 06-108 FM figures claimed a current daily figure of 65,000 downloads over their 12 podcasts. The most popular Newstalk podcasts are the sports show Off The Ball and The Breakfast Show.
Today FM’s internal figures showed that the Ian Dempsey Breakfast Show was downloaded approximately 164,000 times in February. The Gift Grub sketches are included in this podcast.
Other Today FM podcasts include The Last Word (30,000 downloads in February), The Sunday Business Show (10,000) and The Tom Dunne Pet Cast (15,000). McCabe said that, while figures were still small compared to radio listenership, RTE was content with how its podcast audience was growing. ‘‘It is difficult to compare with radio listenership,” she said.
‘‘Radio listenership is measured on average daily listeners, whereas podcasts are measured based on downloads over a month. For example, the latest JNLR [Joint National Listenership Research] showed that average daily listenership of Morning Ireland was 442,000, while Morning Ireland achieved approximately 30,000 downloads over the month of February. Listening to a podcast is a proactive choice, whereas to listen to radio is often purely passive reception, so they can’t be measured by the same yardstick.”
McCabe said RTE podcasts were being downloaded from locations all over the globe. ‘‘We know that just under 40 per cent of downloads for RTE podcasts are in the US, another 40 per cent are from Ireland, approximately 10 per cent from Britain and the rest is worldwide,” she said.
Markey said edited podcasts could be a good way for listeners to get the highlights of a programme, even if they could not listen to the whole show live.
‘‘The Breakfast Show podcast summarises everything into a nice, neat package,” said Markey. ‘‘If you want to get your daily hit of Irish news, it is a good way of doing it.”
While most of the podcasts offered by Irish radio stations feature content already broadcast, Newstalk and RTE say they have plans to produce podcast-only content in future.
‘‘Sometimes you never get a chance to play a full interview, or air everything on one of the shows,” said Markey. ‘‘It would be great to podcast exclusive stuff; that would be a real treat for the listeners.”
‘‘The next step for RTE.ie is to produce podcast-only content,” said McCabe.
‘‘It is likely that the content would complement some of RTE’s existing output, and would be made in a style that is particularly suitable to the podcast format, rather than re-purposing existing content.”
Some broadcasters view podcasts as another way to add interactivity to their offerings and respond to their listeners’ demands.
‘‘We have an e-mail address - podcasts@newstalk106.ie - and people are always asking can we get this show put up or if we can do back catalogues, things like that,” said Markey.
McCabe said that, while the technology for video podcasts already existed, issues such as broadcast rights had to be surmounted before RTE TV shows were offered for download.
In Britain, personalities such as comedian Ricky Gervais and football presenter James Richardson have been used to front podcasts and grow interest in the platform.
‘‘The idea of using a personality is, absolutely, a way of looking at it,” said McCabe.
‘‘We could potentially leverage existing RTE personalities, who are known for other things that they do on RTE, but not necessarily using the show they are involved in.”
Irish local radio stations are also offering a selection of their programming to listeners as free podcasts.
WLRFM in Waterford won the award for commercial radio podcasting at the Irish Digital Media Awards in February, while Clare FM and Spin 103.8 also made the shortlist.
Sunday 11 March 2007
Film review - Outlaw
Sunday Business Post - Agenda Section - 11 Mar 2007
Outlaw opens with Gene Dekker (Danny Dyer) and his fiancé being physically attacked by a group of chavvish youths. The next scene shows a bloodied and battered Dekker confront the assailants with a gun, but he cannot bring himself to pull the trigger. This turns out to be a dream, however he is soon beaten up in an uncannily similar incident.
Dekker decides he must do something about the random violence, injustice and corruption that appears to dominate his world, and he teams up with an unlikely assortment of similarly disenfranchised angry young men.
They decide to take the law into their own hands, and wreak revenge on criminal elements who have hurt them and are dragging society down.
The leader of the gang is Bryant (Sean Bean), who returns from army service in Afghanistan to find his wife living with another man. Hillier (Sean Harris), is a scrawny security guard whose previous convictions for football hooliganism meant he was unable to follow his army dreams.
Monroe (Lennie James) is a barrister whose pregnant wife is murdered by associates of the gangland boss he is attempting to prosecute, while Sandy (Rupert Friend) is a floppy haired Cambridge university student recently hospitalised after a random street attack.
Following a rousing speech by Bryant, they all agree to stand up for themselves, as nobody else - not the corrupt police, not pompous politicians - seems to care.
This unlikely vigilante group are assisted by Lewis (Bob Hoskins), a straight cop whose years of loyal service have been spent watching less principled colleagues regularly promoted ahead of him. Lewis supplies names and addresses, which allows them to locate and punish the low-lifes who have done so much to damage the lives of ordinary British people.
Given quasi-military discipline and training from Bryant, even the quieter characters grow increasingly savage and vicious.
Director Nick Love, whose previous films include the brutal crime pics Football Factory and The Business, sets most of the action takes place in grim, rainswept London streets. Love has added a socially relevant theme and quality cast members to his trademark films about violent young men out of control. The contradiction in this film's message - that the only way we can combat violence and disorder on our streets is to grab a shotgun and knife to confront the attackers - is quite glaring.
The soundtrack grinds and thumps menacingly and the photography is so grey and steely that it almost blends seamlessly with the CCTV footage which features prominently throughout. The action-laden plot progresses quickly and directly, with little call for back-story or nuance.
None of the actors are seriously challenged by these roles. Bean is characterstically tough and uncompromising, while Hoskins gives a convincing performance of a good man driven to act immorally by circumstances beyond his control.
As the vigilantes grow more confident and bloodthirsty, the tabloid press dub them 'The Outlaws'.
Sympathy with the band is quickly lost as we is horrific detail what happens when grown men live out their adolescent revenge fantasies.
Monday 5 March 2007
The virus pirates go for profit
Sunday Business Post - Computers in Business Magazine - 4th March 2007
Protecting a business of any size from virus attacks has become vitally important, as the threats evolve from disruptive nuisance to targeted fraud.
“Virus attacks are becoming more frequent and more sophisticated,” said John Power, security strategist with CA. “Once upon a time the objective of the virus was to cause widespread disruption, and take you out your IT infrastructure, server or network for a while."
"The difference these days is that the people who are writing these malware attacks are now motivated by profit. They look to get inside the organisation to steal personal or company information, at small as well as large companies.”
It is no longer really correct just to speak of virus or spam attacks. The latest security threats come in many shapes and sizes, with lots of colourful and inventive names that mask their impending serious dangers.
These include worms, adware, browser hijackers, downloaders, key-loggers, rootkits, trojans and spyware.
The general term ‘malware’ is now commonly used to cover all of these different threats, each of which have very specific aims and potentially very devastating consequences for the IT systems of SMEs that are not adequately informed and protected.
Many malware programmes now combine a number of different threats in one attack, making them particularly difficult to combat and neutralise.
“The guys who are creating these malware programmes are now introducing multi-modal or blended attacks,” said Power.
“A blended attack combines several different threats in one. It could be a piece of malware code that incorporates spyware, and a virus, and a worm.”
Each element of the malware can have a specific function, and they all act together to cause maximum impact.
“For example, in the first instance it may look to take out the company’s firewall, then once it gets in, it looks to drop a payload into the organisation which may be a worm to take out an application,” said Power.
Michael Conway, director of Renaissance Contingency Services, said that these blended threats can be specifically designed to look innocuous at first.
“There might appear to be absolutely nothing wrong in a spam message, the email will be scanned at a point and there is nothing malicious so it gets to somebody’s inbox,” said Conway. “Then when opened it may lead to a site which downloads some spyware or a virus.”
Once malware has gained access to a PC, system or network, it can lie dormant for a set period of time, or until the user does something specific, such as open a certain type of file or application.
“Threats can come in and sit on your system and activate on a particular event or date,” said James Finglas, sales director of MJ Flood Technology. “It may not become apparent immediately that there is a problem.”
Once the threat does go into action it can quickly spread to each PC in your office. Viruses are designed to automatically replicate themselves and aggressively infect as many systems as possible.
As networks become more standard in typical SMEs, the potential damage of a virus attack increases, as one malware entry can damage your entire IT infrastructure.
“Once the malware gets on your system it will propagate and run through your entire network,” said James McLoughlin, who is senior security specialist with Lan Communications.
In the modern business environment there are many ways in which malware or viruses can gain access to an organisation’s IT infrastructure. Even smaller businesses now typically have a number of different platforms, including desktops, laptops, servers, networks and mobile devices, all of which provide malware with different entry points.
The prevalence of internet use in almost all Irish SMEs means that it is now the number one malware doorway into IT systems and infrastructure.
“The three biggest entry points for viruses would be email, instant messenger and internet browsing,” said McLoughlin.
USB flash drives, mobile phones, portable devices such as blackberries, DVDs, CD-Roms and floppy disks can also carry threats into a business’ systems.
While each piece of malware is different, and some viruses are actually harmless, the three main aims of virus writers are to steal personal and company information, destroy IT infrastructure and damage a company’s reputation.
Malware, such as key-loggers and phishing scams, work by trying to get unsuspecting staff to input sensitive data such as credit card numbers or passwords.
“Unscrupulous types are trying to get credit card information from users or even important company information,” said McLoughlin. “Unsuspecting users can end up on a website that looks safe, but can turn out to be quite damaging.”
Trojans, backdoors and rootkits allow outsiders to ‘hack in’ to your system and access sensitive private information.
More basic viruses will just come in and start smashing up everything in sight, deleting files, applications, disks, networks and memory.
Subtler malicious programmes can make small changes to settings or files, which can have equally damaging results if they are not noticed and neutralised quickly.
Just because an organisation is relatively small or self-contained, does not mean that malware poses any less of a risk to the business. In fact, SMEs can be more open to disastrous virus attacks.
“Threats to SMEs would be of the same nature as those faced by larger organisations, but the consequences would be very different,” said Finglas. “In corporate size enterprises you might have a number of different levels of security, whereas in SMEs if a threat isn’t picked up by the one anti-virus you are using there can be a huge problem.”
These huge problems can include the need to replace IT equipment and infrastructure, lost productivity while a system or network is down, loss of reputation or prestige by not being able to service customers, unreliable data and information in your records, and much more. All this costs money.
“The damage done can be very significant,” said Finglas. “We had one particular instance last year of a company with 50 users that was taken down for seven days. They had 3,500 instances of malware on their system, it really was an awful mess. Forgetting about the productivity costs and loss within that time, the actual costs of cleaning up came to about €20,000.”
Finglas warned that despite these clear and present dangers, he still encountered people who felt that there was too much hype around about viruses and other security threats.
“There is a perception out there that perhaps this is being over-played,” he said. “But I can absolutely guarantee that there is quite a serious danger to all SMEs”
The Solutions
SMEs which decide to implement a new anti-virus product, or upgrade their existing solution, have a number of options. They can buy a product online or directly from a manufacturer and install it themselves, or deal with a re-seller or vendor who may provide a range of different solutions and provide assistance with their implementation, as well as ongoing support as issues arise.
SMEs without the requisite IT expertise or malware experience are advised to speak with someone who knows the different threats and solutions before making any purchasing decision.
“You can implement a solution in-house, but I would suggest that they definitely need to engage somebody that understands the different threats,” said Finglas.
Conway also recommends that SMEs without IT expertise deal with a reseller or service provider who can provide advice and support about products, and help deal with problems as they arise.
“Those who just buy off the web will find things more difficult,” he said.
The most popular anti-malware products in the SME space are now UTMs or Unified Threat Management suites. These take a holistic approach to threat management, and integrate anti-virus, anti-spyware, anti-spam, firewalls and web content filtering in one package. These are quickly replacing previous ‘point-based’ solutions which focussed on one particular threat, but did little to protect from the others. In the era of sophisticated blended threats, such an integrated solution is generally accepted as necessary.
“A lot of firewalls are now building in anti-virus, anti-spyware and content filtering functionality,” said McLoughlin. “So rather than someone buying several specialist software products, they can go for an all-in-one box.”
UTM systems are particularly designed for the smaller company.
“You are not going to be able to throw ten thousand users at it, but in a hundred user or less environment they are an attractive proposition,” said McLoughlin.
McLoughlin advises companies to look for a modular threat management system which can be upgraded and added to over time, as your business evolves and faces new risks.
“All of these UTM-type solutions will start of with a base level with very basic features, maybe acts as a firewall on its own, and then as the budget becomes available or as your requirements become more demanding you can add extra features,” he said.
UTM products can typically be centrally managed and controlled, which means that one person can keep an eye on each entry-point into a system or network, a good idea as it is often not practical or sensible to rely on each individual within an organisation to ensure their anti-virus software is running properly and regularly updated.
“Good all-in-one solutions are deployed and managed through a central console,” said Conway. “You identify your threats and roll out your updates from a central point. If you have one piece of software running on ten different machines, and a separate piece of software running on five, you have no central point of control, and you will have gaps. A centrally managed solution is also the most cost effective.”
Conway said that organisations operating stand alone PCs, cannot use the integrated threat management packages.
“Very small organisations without a server will have to manage their desktops on an individual basis,” he said.
Thousands of new threats are unleashed onto the internet every day, and spread quickly, so keeping an anti-virus system completely up to date is of vital importance.
“The technology is updated live over the internet in real time, the unified threat management makes contact with our system which looks to see what are the latest threats, where are they coming from, and distributes the solution to all customers worldwide,” said Power.
The costs of all-in-one systems vary depending on the requirements and size of the organisation. Power gave an example for a company with 100 employees looking for full protection.
“For a unified threat management suite that neutralises each of the threats and types of malware you are looking at a per user cost in the region of €21 per annum, that includes all maintenance and update costs,” he said.
Finglas quoted a figure of €270 per user in a typical 25-user network environment to cover anti-virus, spyware, malware, spam and email and web content filtering, and €190 per user in a 50-user network environment. These costs include dedicated hardware required to run these software solutions, and include dedicated hardware required to run the software solutions.
Conway said that the costs for a typical SME with 25 users would be €925 for an annual licence for basic anti-virus, with extra modules then costing extra. This licence included office hours support is included, with 24 hour service costing more.
“I think price is very important when you buy a piece of software, but the most important thing is that there is somebody there to help you if and when you come across a problem,” said Conway. “SMEs need a good level of support, with access to a knowledgeable person who knows what to do in a situation.”
It is possible for SMEs on a tight budget to download solutions for free from the internet, which can offer a certain amount of protection. Conway said that while this could work on occasion, there were definite risks involved.
“Some people go off down the freeware route and decide they want to manage things themselves,” he said. “They may have the latest version of freeware on some machines, but they are not centrally deployed, managed or updated. If you do not have current up to date protection which covers everything then you are going to get infected.”
New technologies such as mobile devices and wireless networks can also bring challenges to SMEs looking for total protection from malware, and managers should ensure that their anti-virus systems are able to deal with these.
“The attraction to wireless is so big that people very often overlook the security risks involved,” said McLoughlin.
For example if a member of staff is out of the office travelling for a few days, their laptop may not have been updated during that time, and may now be a potential weak point in your system.
“The anti-virus technology should check the mobile device before it is allowed access back to the network,” said Finglas.
While solutions can spend most of their time ensuring an organisation’s IT infrastructure is safe from external threats, they can also keep an eye on internal usage to ensure that there are no problems there.
“We are seeing a focus whereby firewall technology within the organisation is ensuring that employees are not spending time visiting websites that they should not,” said Power. “Devices are locked down to ensure that staff are focused on day to day business and not wasting company time downloading music from itunes, for example.”
Conway said that a certain amount of basic training for all employees was required to complement any anti-malware product, no matter how sophisticated the solution installed.
“Dangerous e-mail should be quarantined or deleted by your anti-virus software, but if it is not and you receive it in your inbox do not open it, just delete it,” said Conway. “If people are following the basic rules, browse the internet in a sensible way and do not open email they shouldn’t, then you have a reasonable layer of protection.”
McLoughlin said that a well thought-out and properly implemented security policy, which clearly lays out to all employees what the correct behaviours and usages of each element of the organisation’s IT infrastructure is also useful to keep a business safe.
“You have to ensure it is enforceable and that people are going to comply. For an SME vigilance is your best thing,” he said.
Despite all the warnings and publicity around spam, viruses and malware threats, McLoughlin said that many Irish SMEs are still not sufficiently protected, for a number of reasons.
“I think there is a better awareness than there was, but a lot of IT security is still taken for granted,” he said.
As each new technology is introduced to a business, managers should re-evaluate their security policies and ensure that their anti-virus solutions can cope.
“The attractions of some of the new technologies and the benefits that they provide may be too big a carrot for people who plough ahead and use them regardless,” he said.
