The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.


Spring World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 28, Issue 4

Full Contents Now Available!

Jon Seals

tyntec Research Finds The Use Of Personal Mobile Devices For Work Is The New Norm, But 74% Of US Workers Prefer Separate Phone Numbers For Work And Personal Use


MUNICHtyntec, a telecom-web convergence company, today issued the results of its international BYOD User Survey 2015 “Employees’ Choice for Mobility.” The findings, based on responses from Spain, the UK and US, reveal sluggish adoption of BYOD policies by organizations, while its employees voice strong privacy concerns and preference on device usage. The UK showed the smallest percentage of BYOD governance with a mere 18% of respondents claiming to have awareness of a formal policy in place. For those employees using a mobile phone for work purposes, the majority of respondents indicated a preference for separate phone numbers for work and personal usage, with Spain showing the strongest preference at 91%. Privacy and reimbursement were cited as major concerns for employees using their personal phone for work.


tyntec conducted the BYOD User Survey with SurveyMonkey collecting data of 1,320 respondents from SurveyMonkey Audience panels in the US, UK and Spain between May 16 and May 22, 2015. The respondents were preselected for their employment status as working at an organization with 500 or more employees, and completed an online survey.


The following key insights were identified by tyntec’s survey:


BYOD: The New Norm Without Boundaries

The majority of employees across the US (61%), UK (43%) and Spain (69%) claim to use their personal mobile phone for work-related tasks. Oftentimes, work-related mobile usage takes place outside of office hours. Nearly all employees using mobile phones for work continue their work usage during non-business hours, with Spanish employees showing the highest tendency to do so at 95%, followed by the US (94%) and UK (89%).


Despite the considerable amount of work-related functions carried out on personal phones, there appeared to be a limited number of BYOD policies defined by employers. Only a small subset of employees claimed to have a formal BYOD policy in place, with US showing the highest percentage at 34%, compared to 18% in the UK and 25% in Spain.


Separation For the Sake of Billing and Privacy

For those employees performing about 50% of work-related tasks on a mobile phone, nearly half of respondents show a strong preference for using one device with two separate phone numbers – for work and personal – to switch between during the course of the work day. This beat out the option of carrying two separate devices (39%).


Potential drivers for separation preferences can be found by expressed concerns over reimbursement and privacy. Employees that are currently using their personal device for work are moderately to extremely concerned about having to pay for business usage on their phone bills in the US (62%), UK (54%) and Spain (69%). Additionally, employees using their personal device for work expressed concern about their employer’s ability to access their private messages. In the US, 62% of workers were concerned about potential privacy issues, followed by 58% of employees in Spain and 48% in the UK.


Mobility In Practice: Employee Usage Patterns

In US workplaces, the most frequently used function on a mobile device is accessing email (37%). Whereas, in the UK (38%) and in Spain (51%) voice is the most regularly used function. Similarly, work email and office phone numbers were the most common contact information handed out by employees to external partners or customers across all surveyed countries. The UK was least likely to give their personal mobile number to external contacts, with only 12% claiming they would do so, compared to 26% in Spain and 23% in the US.


“BYOD is the new norm, and the sooner enterprises embrace sound BYOD policies and user friendly features, the sooner they can increase productivity and eliminate concerns from its employees and IT,” said Thorsten Trapp, Cofounder and CTO of tyntec. “The use of virtual numbers accomplishes both sides of the BYOD puzzle. IT departments can ensure mobile governance over all communication devices and employees are granted separation. All that is required is for employees to install their corporate app enabled with virtual phone number, and simply switch to the app for work related communications.”


tyntec provides the technology and infrastructure needed to power enterprise communication applications with voice- and SMS-enabled virtual phone numbers. Using this technology, enterprises are able to provide the convenience and privacy employees want while also meeting the business requirements for productivity and governance.


The survey report and infographic can be downloaded here: http://tyntec.com/resources/whitepapers.


About tyntec

tyntec (www.tyntec.com) is a telecom-web convergence company that connects the

immediacy and convenience of mobile telecom with the power of the Internet. Partnering with mobile network operators around the world, tyntec enables enterprises and Internet brands to power their applications, authentication, and mission-critical communications with universal mobile services such as SMS, voice and phone numbers in the cloud.

Founded in 2002, tyntec employs over 150 people in six offices around the globe, serving more than 500 global businesses, Internet brands and mobile network operators.

Interoute Virtual Data Centre provides on demand, resilient ICT infrastructure for growing online personalised printing company


LONDONPhotoBox Group, a leading European personalised printing company, has selected Interoute’s global networked cloud infrastructure platform Interoute Virtual Data Centre (VDC), to ensure customers have a fast seamless ordering experience across Europe, during seasonal traffic peaks on its e-retail consumer websites.


The Group, made of several brands including PhotoBox, Moonpig and Sticky9, has more than eight million active customers in over 20 different countries [1]. Its e-retail websites manage the upload of millions of customer images per day, surging to much higher levels ahead of seasonal gifting dates such as Christmas, Valentine’s Day and Mother’s Day. PhotoBox uses Interoute VDC because it gives the company the control to pre-book, and provision on-demand the capacity required to ensure that despite periods of huge surges in online orders, users get a smooth, fast ordering experience at all times.


Graham Hobson, PhotoBox co-founder and MD Incubator commented, “As customer demand for PhotoBox’s innovative products continues to rapidly increase, we needed a smarter and more creative solution to support both the front and back-end of our growing online business. For our Paris operations in particular, we were looking at sending our data across hundreds of kilometres and back for processing, which would have really slowed down the website experience for our customers. We like the hybrid cloud model and Interoute has proved the perfect fit for us, delivering networked cloud infrastructure that is close to us, simple to provision, quick to scale and can be dedicated to us when we need it.”


PhotoBox Group uses a hybrid combination of colocation, cloud and private network to host its online business. By taking additional dedicated cloud resource in the Interoute VDC Paris and Amsterdam zones, the Group benefits from the highest transfer speeds by using extra server capacity close to its existing data centres and servers, reducing latency for its backend processes, and by plugging directly into Interoute’s 67,000 km, high capacity network, which gives optimised reach to website users across Europe and the world.


Matthew Finnie, CTO at Interoute added: “Our Interoute VDC is unique among IaaS platforms in that its 14 global cloud computing zones are pre-built into our advanced private network. This innovative combination of network and compute gives Photobox an automated global cloud which brings its customers and the Group’s European IT locations closer together, with a built-in guaranteed low latency network to help ensure the speed and performance of its online ordering services.”



About PhotoBox

The PhotoBox Group is a leading digital consumer service for personalised products and gifts in Europe and parent of the flagship branded retail channels PhotoBox, Moonpig.com, Hofmann and Sticky9. From photobooks and unique artwork to the very latest personalised apparel, gifts and greeting cards, the Group’s products enable customers across 20 countries to share memories, celebrate great moments and inject personal expression into their everyday lives. The Group has 700 employees across Europe and is backed by leading international private equity firms including Insight Venture Partners, Index Ventures, HarbourVest Partners, Quadrille Capital and Greenspring Associates.

For more information on PhotoBox, please visit: www.photobox.co.uk. For further information on the PhotoBox Group, please visit: www.group.photobox.com


About Interoute

Interoute Communications Limited is the owner operator of Europe's largest cloud services platform, which encompasses over 67,000 km of lit fiber, 12 data centres, 14 Virtual Data Centres and 31 collocation centres, with connections to 195 additional third-party data centres across Europe. Its full-service Unified ICT platform serves international enterprises, as well as every major European telecommunications incumbent and the major operators of North America, East and South Asia, governments and universities. These organizations find Interoute the ideal partner for computing, connectivity and communications and developing new services. Its Unified ICT strategy has proved attractive to enterprises looking for a scalable, secure and unconstrained platform on which they can build their voice, video, computing and data services, as well as service providers in need of high capacity international data transit and infrastructure. With established operations throughout mainland Europe, North America and Dubai, Interoute also owns and operates dense city networks throughout Europe's major business centres. www.interoute.com

The majority of IT decision makers in large and midsize U.S. companies want to outsource their public cloud management to managed service providers, with 70 percent preferring to deal with a single vendor to manage their entire IT infrastructure, according to a new report.

Digital Fortress, a managed cloud and colocation provider with data centers in Seattle, surveyed 100 IT decision makers online in June. The company found that 65 percent of companies plan to partially outsource management of public cloud to a third-party.



U.S. Office of Personnel Management (OPM) Director Katherine Archuleta resigned last week after OPM officials discovered a data breach in April.

And as a result, OPM tops this week's list of IT security news makers, followed by the Army National Guard, Service Systems Associates (SSA) and "Gunpoder" malware.

What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week's list of IT security stories to watch to find out:



Are you a risky partner? According to a recent Skyhigh Networks survey, nearly 8 percent of cloud partners are given access to company data that is considered high-risk. For MSPs, it’s vital that your clients see your cloud-based file sharing services as a safe move for their company.

In order to effectively work with clients, you must work to show yourself as a low-risk partner, one that works hard to secure their cloud sharing for their other partners. The average company works with 1,500 business partners via the cloud. By first proving yourself as a trusted partner, you can then start working to protect your clients against the other 1,499.



On January 28, 1986, nearly 30 years ago, the space shuttle Challenger broke apart 73 seconds into its flight, leading to the tragic deaths of its seven crew members.[1] As the spacecraft disintegrated over the Atlantic Ocean, the paradigm of risk management shifted from reactive to proactive. Taxonomies, frameworks, methodologies and tools developed rapidly to meet this need to manage risk proactively. And while, nearly 30 years later, we are more confident through the evolution of risk management that has taken place to answer the reactive question, “Are we riskier today than we were yesterday?” we face the stark realization that we are not truly able to answer an even more important question: “Will we be riskier tomorrow than we are today?”

Realizing a collective vision to have informative dashboards that look forward, providing confidence in assessments of how risky things are that lie ahead, is the work of the current generation. That makes today an exciting time for risk management. Great progress has been made, but as we reflect today, we know so much more can and must be done.

At this point, we thought we would take a pause and look back 30 years on how risk management has evolved and some of the lessons we can draw from the past.



The fact of the matter is that it should be more convenient to share threat-related information than it is right now, but an evolved level of suspicion between government and the private sector seems to supersede an understanding at the executive level of the severity of the threats…. Without better information sharing, particularly in the cyber arena, the critical infrastructure of this country remains vulnerable.  (Searle, ASA News & Notes, July 2013)

I’ve spent a fair amount of time since 2009 calling for action in the area of information sharing between the public and private sector.  Any progress that might have been made in this area – the increasingly helpful role and information sharing from the FBI with the private sector, for example – has been wiped out by several recent breaches of highly confidential data reported to the Internal Revenue Service (IRS) and the Office of Personnel Management (OPM).

The four Basel-defined sources of financial loss that can spring from operational risk are unchanging:  people, process, systems and external events.  These days, we have no better illustration of those four sources than in the area of data breaches, where the numbers are staggering, but where the true costs may not yet have been factored.  On the U.S. private sector side, we continue to identify a cost of $201 per record with an average overall breach cost of $5.85M; and we know that 43% of U.S. firms experienced a 2014 breach (www.insidecounsel.com).  Further, a 2014 Ponemon study suggests that if your organization has more than 10,000 records, the probability of breach is 22%, whether or not your firm knows that it has been breached.



Peter Cerrato is a principal consultant for Forrester's Business Technology consulting practice.  

A very strange and sudden thing happened 66 million years ago. A comet crashing into the Mexican Yucatan peninsula near Chicxulub put an end to the long reign of the dinosaurs. But not so fast. We now know that some of those dinosaurs survived the massive Cretaceous-Tertiary extinction event: the smaller, faster, feathered and headed-toward-warm-blooded early ancestors of our eagles and hawks.

What can we as security and risk professionals learn from those early ancestors of today’s great raptors (and other birds) to make the leap required to survive the massive extinction event the business world is undergoing: the age of the customer?



It is easy to look at challenges to the enterprise data environment and view them as infrastructure problems or architectural problems or system problems. In reality, it is all a data problem – as in too much data coming in too quickly and in too much of a disjointed fashion.

And things are only going to get worse as organizations attempt to deal with Big Data, the Internet of Things, data mobility, and a host of other initiatives coming down the pike. So while measures to improve and expand infrastructure and architecture are vital as data trends emerge, so are ways to capture and manage these ever-increasing volumes without breaking the IT budget but still preserving the value of data within the overall business model.

According to MarketsandMarkets, the enterprise data management space is expected to nearly double in size by the end of the decade from today’s $64 billion to more than $105 billion, a compound annual growth rate of 10.2 percent. Key drivers here include the need for business continuity in the event of data loss plus the need to reduce the total cost of ownership of data, both of which are exacerbated by the flood of data coming into the enterprise. To meet this challenge, data management platforms are incorporating a wide range of disciplines, including integration, migration, warehousing, governance and security.



Bloggers like me often comment on how organizations are dealing with crises. I do often with a sense of dread knowing that I really don’t know what is going on inside and may not be aware of critical issues that are affecting the response.

That danger was highlighted to me to the extreme when I read today’s comments by Deborah Watson on PR Daily’s blog. My biggest concern is by getting the facts so wrong, the real lessons to be learned from BP’s reputation problems are missed, and therefore those interested will likely take away the wrong things.

I’ll comment on each of the five points she raises as BP’s biggest blunders. (Her comments are italicized).