Bring Your Own Device is being heralded as the future of business computing and communication. But as Mark Hyland, UK Country Manager at Fortinet reveals, the pressing challenge for organisations is how to embrace an unavoidable practice while minimising its risks.
The evolution of Bring Your Own Device (BYOD) trend has been as profound as it has been rapid. It represents the most visible sign that the boundaries between personal life and work life are blurring. The 9-to-5 model of working solely from the office has become archaic and increasingly people work extended hours from a range of locations including the workplace, out in the field, during the commute, and from home. We truly live in a 24/7 global workplace and few people are surprised to receive business emails late in the evening.
At the very heart of this evolution is the ability to access enterprise networks from anywhere, anytime. The range of tools which enable this constant connectivity are becoming more powerful all the time, with laptops, tablets and smartphones allowing access to a range of communications and business applications, while cloud computing serves to effectively extend the office out of the office.
The much-heralded benefit of BYOD is greater productivity. However, recent research has suggested that it may actually be the great myth of BYOD and the reality is that BYOD in practice poses new challenges that may outweigh the benefits, if it is not properly addressed by the organisation.
A worldwide survey commissioned by Fortinet – a world leader in high performance network security – chose to look at attitudes towards BYOD and security from the point of view of the user instead of the IT manager. Specifically, the survey, conducted in 15 countries, focused on graduate twenty-something employees. This group represents the first generation to enter the workplace with an understanding and expectation of own-device use. They also represent tomorrow’s influencers and decision makers.
The survey findings will concern both network managers responsible for security, as well as senior management ultimately responsible for the strategic decision about the degree to which the business embraces BYOD. For financial organisations, this decision becomes even more critical. Larger organisations will have mature IT strategies and policies in place. But what about smaller financial businesses that might not have such well developed strategies and for whom the culture of BYOD might already be established in the workplace? Should they be concerned about the behavior and attitudes of staff, especially younger employees?
Crucially, within this younger employee group, BYOD is predominantly considered a right rather than a privilege, with over half (55%) of people sharing an expectation that they should be allowed to use their own devices in the workplace or for work purposes. With this expectation comes the very real risk that employees feel so strongly they will consider ignoring company policy banning the use of own devices. More than a third (36%) of people polled admitted that they have, or would contravene such a policy. However, this latter statistic, worrying though it is, has noticeable geographic differences with India being the most risk-laden territory. An astonishing 66% of survey respondents from India admitted that they are willing to contravene policy.
The threat posed by this level of subversion cannot be overstated. For example, people are increasingly tech savvy and able to set up their own smartphones to access work email without assistance from IT departments. But with the Android OS being a huge growth area for malware, and with people using their smartphones to access social media such as Facebook (an increasingly dangerous environment), it quickly becomes obvious where the threats lie.
The survey casts doubt on the idea of BYOD leading to greater productivity by revealing the real reason people want to use their own devices. Only 26% of people in this age group cite efficiency as the reason they want to use their own devices, while 33% admit that the main reason is so they have access to their favourite applications. But with personal applications so close to hand, the risks to the business must surely include distraction and timewasting. To support this assumption, 46% of people polled acknowledge timewasting as the greatest threat to the organisation, with 42% citing greater exposure to malicious IT and theft or loss of confidential data. Yet, even with this widespread understanding of the downsides to BYOD, only 27% believe the risks outweigh the benefits for their organisation.
Clearly, from a user perspective there is a great deal of contradiction surrounding BYOD and an undercurrent of selfishness where users expect to use their own devices, but mostly for personal interest. They recognise the risks to the organisation but are adamant that those risks are worth taking.
So what of responsibility? This is a key question for any business considering a policy governing BYOD, as the challenge for the organisation is to put in place security measures to ensure safe integration of user-owned devices. But to do that requires the cooperation of the device owner. The Fortinet survey suggests that gaining cooperation and compliance from employees might not be that straightforward.
Two thirds (66%) of people polled considered themselves to be ultimately responsible for security on their own devices, with only 22% putting the burden of responsibility with the organisation. This would suggest that, while the owners are more than happy to use their own devices in the work environment, they might be highly resistant to any suggestion that the organisation puts any limits on usage or interference with the device to install security measures.
The full extent of the delicate balancing act facing the organisation is finally revealed with the statistic that nearly 1-in-5 people would consider holding back their own devices if they felt that the organisation’s security systems were so vulnerable as to pose a real risk to their own personal data. As far as the users are concerned, BYOD is something that they approach very much on their own terms.
BYOD is here to stay. While the Fortinet survey balances the widely held belief that BYOD is mostly beneficial to business by highlighting some key security challenges, it also shows that organisations must address the issue at the earliest stage if they are to extract any benefits from a practice that they will have great difficulty resisting. With users more than willing to adopt subversive strategies for their own device use, the organisation needs to ensure control of its IT infrastructure as soon as possible. The most effective way to do this is by securing inbound and outbound access to the corporate network and not just implementing Mobile Device Management. It is a dangerous strategy to rely on a single technology to address the security challenges. The strategy should be one of granular control over users and applications, on top of devices.
The reality is that technology consumerisation is invading the workplace, but the organisation cannot afford to simply stand back and let users have their way. It’s time for the business world to stand its ground.
Bots Are People Too: Robotic Process Automation in Finance
By Tom Venables, Practice Director – Application & Cyber Security at Turnkey Consulting
As technology has advanced, Robotic Process Automation (RPA) has become a valuable tool for finance teams in streamlining everyday processes and operations. Until 2020, RPA worked in combination with skilled human resource to get these vital tasks done – and then came COVID-19.
The economic shock of the pandemic has led many organisations to pare back their workforces, and consequently they are increasingly turning to RPA in order to get the same jobs done for a smaller financial outlay. This acceleration in adoption can deliver huge benefits for these organisations, but comes with a number of tricky challenges to navigate, especially around security, risk and the management of system access.
Removing the margin for error
The premise of using RPA over human finance operatives is clear: robots don’t get tired or bored. Even the most skilled and experienced employee in the world will be fatigued by dealing with a seemingly endless stream of invoice amounts, PO numbers and other data and, over time, it’s easy for mistakes to creep in.
RPA bots don’t have this problem (and neither do they have to be regularly fuelled with coffee). They have the ability to read an invoice, attribute the information within it to the appropriate PO number, and set in motion all the payment and ledger activity related to that data. Not only do they do all that more reliably than humans, but they do so much faster and more cheaply. However, this ideal vision can only be achieved if RPA is built and implemented into a business correctly.
Different cure, same treatment
RPA bots do have incredible capabilities for automating and streamlining all these processes – but they first have to be told exactly what to do and how to do it. At a minimum, the controls that apply to human finance staff also need to be deployed to bots, with a view to these controls being even more robust, given the larger workloads bots can take on. It may also be necessary to amend controls so that they reflect the new ways of working; as the business processes change, so too do the key control points which must be captured.
This requires three key elements to be considered:
- Control execution points: taking an accounts payable (AP) process as an example, an AP clerk will approve processes manually, then pass onto the AP manager so that it has been checked by at least two people. RPA removes this function and reduces the level of human intervention to spot-checks; to avoid errors such as duplicate payments, it is essential to have automated controls working properly.
- Failure indicators: depending on how they are configured, bots can (occasionally) make mistakes, such as misjudging numbers of a similar format and putting a PO number in as an amount. Bots can resolve these issues themselves, but only if they know about the types of errors they should be looking for.
- Robust testing: both of the points above mean rigourous testing is critical; how meticulous that testing needs to be depends on the amount of work RPA is taking on. If, for example, RPA is handling half the cash outgoings at an organisation, then controls need to be sufficiently strong to match the risk posed to the business if things go wrong.
Safety still comes first
Along with controls, how RPA fits in with the organisation’s security provisions must also be considered. Bots can process a large number of invoices in a very short period of time. This speed is potentially enough to trigger warnings around security breaches as System Information and Event Management (SIEM) systems may perceive it as abnormal activity and flag it as a threat to the organisation; allowances need to be made to accommodate this major change in ‘usual’ activity.
It’s also worth remembering that bots are also pieces of software and, like any piece of software, they are therefore at risk of cyber attack. Because they are required to process lots of sensitive information at high speed without triggering alerts, they are often an attractive target for cyber-criminals. As well as considering bot security such as who can access their configuration, it is crucial to keep the authorisation assigned to bots to an absolute minimum in order to limit their risk profile and eliminate credentials often given to them that are unnecessary. Minimum authorisation states that the (bot or human) user should have only the level of access needed to perform the tasks required of them. The high volumes of processing undertaken by bot accounts reinforces the need to apply this principle, despite the temptation to ensure they can work with multiple scenarios without interuption by widening authorisation (which increases the risk they can undertake activity they shouldn’t).
Overall, RPA bots can and should be immensely powerful assets to most organisations in the unpredictable months and years ahead – but only with the right implementation. With risk, security and controls kept front of mind, the efficiency of finance operations can be improved, resulting in meaningful savings, and a reduction in the pressure put on the human finance staff.
How to drive effective AI adoption in investment management firms
Artificial intelligence (AI) has the potential to augment the work of investment management firms to unprecedented levels, powering decision-making, driving efficiencies, and ultimately improving performance. In fact, the market for AI in asset management is expected to grow to an astounding US$13.43 billion by 2027, expanding at a CAGR of 37.1% between 2020 and 2027. Innovative firms are applying AI across the industry value chain and transforming the ways in which they use the ever-expanding amounts of data that are available to them.
However, that’s not to say that there aren’t challenges and obstacles involved in leveraging the technology. AI adoption is not a ‘magic bullet’ that can solve inefficiencies without the right set-up, nor should it be treated as a simple ‘add-on’ that portfolio managers (PMs) can tap into when they see fit. AI implementation in an investment management firm requires a number of prerequisites in order to have maximum impact. But first, let’s take a look at exactly how AI can boost the performance of investment management firms.
How AI adds value
Implementing data analytics into the investment management value chain holds a number of benefits. For example, when it comes to front office operations, AI can supplement investment decisions by drawing insights from alternative sources of data such as satellite imagery or social media, while also automating the analysis of large datasets. Data science teams working within investment management can build simulations to allow PMs to predict the performance of new investment ideas. They can also use AI for trading – to optimize trade execution and automate trading decisions.
One example of using AI to power alpha generation comes from Man Group, which saw a five times increase in assets between 2014 and 2018, and whose funds that incorporate AI total more than US$12 billion. Front office operations are arguably the business area where AI holds the most potential.
When it comes to distribution and marketing, AI can improve prospect and sales targeting using segmentation, predict and reduce attrition, support personalization, and help develop pricing algorithms. Data analytics can also be implemented into the areas of operations, tech, and support to automate processes, improve talent targeting, predict team member performance, and strengthen compliance, amongst other uses.
Going beyond simply reducing costs and driving efficiencies, AI is providing new opportunities for investment management firms to transform how they use data to operate and inform decisions. But despite all of this, adoption levels are still relatively low: A 2019 survey by the CFA Institute found that only 10% of PMs responding had used machine learning (ML) techniques during the year prior. Furthermore, a 2019 report by BCG found that less than 30% of asset management firms are actively leveraging data analytics. Evidently, launching an AI project is not an overnight process – nor is it one that guarantees success without the right prerequisites in place.
Here’s how investment management firms can set themselves up for success and ensure readiness for AI implementation.
Embed a data culture
Before steaming ahead with any AI project, investment management firms need to ensure that the entire organization appreciates the value of data-driven decision making. A firm may have already hired a data science team or gained access to alternative data sets, but if it doesn’t have a culture of systematic decision making that permeates across the organization, the success of any AI project will be limited.
How can firms ensure that this is the case?
Ultimately, building data-driven must start at the top: the CEO, CIO, and all other executives must lead by example and evidence of their own commitment to data-based decisions. If leaders want their teams to leverage data at all points of decision-making, they must make the data accessible for non-technical employees and provide training on how to use any relevant tools. Teams must feel comfortable with the why of data analytics solutions, so management must make them explainable while ensuring they are aware of the capabilities and limitations of AI. And finally, the data science team must avoid working in a silo, away from the other business functions of the firm.
Reconfigure the team structure
The core investment process must be re-thought, from the ground up. Data science teams must be driven by a business need which is provided by the PM, and then the two must work together to co-develop the right solution.
In addition to having a centralized data science team, the firm should have decentralized data scientists that sit within the business unit. The central team should focus primarily on data acquisition, cleaning, and ensuring reliability. The rest of the work should be done by data scientists on the PMs team – this will ensure the work is in-line with the business needs and will actually be used by the PM. With the clean, reliable data coming from the data acquisition team, the data scientists can rapidly prototype ideas for the PM.
Invest in the right software
Too many investment management firms attempt to build all of their AI software in-house. While the software that’s required for core operations and stems from core finance expertise should be developed internally, this does not apply to all other solutions being used.
For example, data analysis and automation tools that leverage ML domains such as language processing, big data processing, or image processing should not be built in-house. Constructing these systems internally is expensive, time-consuming, and means hiring for skills that would otherwise not be required within the firm. Not to mention, such systems would need a large and active development force to continuously maintain them.
That’s why it’s advisable for firms to find a third-party vendor who can take care of building the feature set that’s required, update the software with its latest version, and scale according to needs. This vendor will also take measures to ensure that the firm’s standards are consistent with its peers, and importantly, keep the system stable and secure. By integrating with a third party vendor, data science teams can focus on the core business objectives and maximize the use of overall resources.
While AI offers countless opportunities for investment management firms to augment and power decision-making and is already setting apart the top-performing firms from those that lag behind in adoption. With so much potential to enhance portfolio performance, AI adoption should be viewed as non-negotiable for forward-looking and innovative firms. It is paramount, however, that these firms embed a data-driven approach across all teams – not just PMs – and provide the structures and tools necessary for results to flourish.
Democratising today’s business software with integrated cloud suites
By Gibu Mathew, VP & GM, APAC, Zoho Corporation
Advances in the cloud have changed the way we interact with the world. From how we pay our bills to how we communicate, to how we navigate the city streets, the cloud’s arrival has proven disruptive to the old ways of doing things.
This is perhaps no more true than in the realm of business software, an industry that has seen seismic shifts in the last two decades, and is now witnessing rapid adoption due to the global crisis in the last six months. Expensive, exceedingly complicated software that once was the purview of the few is now available to the masses, courtesy of the cloud and attendant improvements in technology. These strides have resulted in the democratisation of business software, the changing of an once-scarce resource into something everyone can access and use.
The shift to a more democratic, user-friendly, and affordable breed of business software has come about for a lot of reasons. Here are a few of the biggest ones:
THE CONSUMERISATION OF IT
As software has become more and more important to our day-to-day lives, it has also become friendlier for the end user. Actions that used to require reams of code and loads of technical know-how can now be completed with just a drag and a drop. Business software has followed suit, and increasingly looks, feels, and acts like consumer software. And with intuitive interfaces and familiar features, no specialised skills or training are required to get things up and keep them running.
MAINTAINING PRODUCTIVITY ON-THE-GO
The smartphone has put powerful computing technology in the palm of your hand and lets your business go everywhere you do. Sophisticated yet easy-to-use software is available ubiquitously, meaning that employees are no longer chained to desktop systems. In fact, driving and maintaining information across while you are on-the-go becomes a more seamless process. Software vendors whom are more customer centric, are providing mobile version as another mean of access on top of their services that runs on browser. Through real-time function, employees remain connected, and ground observation made during field work are readily updated through the cloud.
THE TECHNOLOGY BUFFET
Part and parcel of the democratsation of software is the rise in consumer choice. Every day, new solutions are added to app galleries and marketplaces around the web, giving people multiple ways to tackle any business process. These app stores also give businesses the opportunity to see what other companies are doing to tackle similar problems.
There used to be a handful of software vendors that a business could choose from; now there are hundreds. Because there are so many options, customers can choose how they want to manage their processes without having to learn new skills.
THE GREAT EQUALISER
Business software used to require a massive capital expenditure. As a consequence, only large companies with deep pockets could afford the features and capabilities software systems provided. However, the rise of the cloud and mobile technology have put an end to the need for installed, on-premise systems, and the costs (and time) associated with them. You no longer need a room full of servers or high capEx to run your business; a smartphone will do just fine. The result? Small businesses finally have access to the tools the “big boys” have had for years, and can now provide the same world-class experience to their customers.
SOFTWARE THAT YOU CAN PROVISION
As software has gotten easier to use, more people are using software. Decisions about what systems a business would run was left to people with diplomas in computer engineering. But no more. Today’s business software is more user-friendly than ever, meaning that even non-specialists can be as empowered as the pros to make decisions about the systems they’ll employ.
What’s more, advances in data virtualisation enables people to access the information they need without requiring special tools or knowledge. Data can now be retrieved and analysed by non technical individuals without having to know its structure, location, or format; this means a lot more people can have access to the details they need, without needing a bunch of training to get there. You can finally get rid of the IT gatekeepers and take charge of your business.
We believe that software is making the world better, but you still need the right suite. You need software that is easy enough for a tech novice to use, powerful enough for the expert, and priced reasonably enough so as not to impact anyone’s bottomline. Find a business solutions suite that’s “all-in” on cloud computing, includes a large selection of apps that are designed to handle every business process and run on every device. On top of that, it has to be affordable and, in the current times, prioritise data privacy and security. Most importantly, be confident that the provider you choose has business goals aligned to yours and are happy and willing to help you every step of the way.
Data Unions, fisherfolk and DeFi
By Ruby Short, Streamr In the fintech world it seems every month there’s a new trend or terminology to get...
Deloitte: Middle East organizations need to rethink their workforce in the wake of COVID-19
Organizations in the Middle East have had to take immediate actions in reaction to the COVID-19 pandemic, such as shifting...
One in five insurance customers saw an improvement in customer service over lockdown, research shows
SAS research reveals that insurers improved their customer experience during lockdown One in five insurance customers noted an improvement in...
ECOMMPAY expands Open Banking payments solution to Europe
Open Banking by ECOMMPAY facilitates fast, secure and simple payments International payment service provider and direct bank card acquirer, ECOMMPAY, has...
Bots Are People Too: Robotic Process Automation in Finance
By Tom Venables, Practice Director – Application & Cyber Security at Turnkey Consulting As technology has advanced, Robotic Process Automation...
The power of superstar firms amid the pandemic: should regulators intervene?
By Professor Anton Korinek, Darden School of Business and Research Associate at the Oxford Future of Humanity Institute. Gosia Glinska, associate...
How to drive effective AI adoption in investment management firms
By Chandini Jain, CEO of Auquan Artificial intelligence (AI) has the potential to augment the work of investment management firms...
Democratising today’s business software with integrated cloud suites
By Gibu Mathew, VP & GM, APAC, Zoho Corporation Advances in the cloud have changed the way we interact with...
Why the UK is standing tall at the forefront of fintech
By Michael Magrath, Director of Global Standards and Regulations, OneSpan In recent years, the UK has established itself as one...
How CFO’s can Help Their Businesses Successfully Navigate The Financial Fallout From COVID-19
By Mohamed Chaudry, Group CFO of FoodHub 2020 has been one of the toughest years in recent memory for business....