Have your say at computerweekly.com
On skills shortages and recruitment agencies
In response to reports that a quarter of businesses are struggling to keep skilled staff following a surge in demand (Computer Weekly, 15 February)
For years organisations have complained about a lack of good IT skills, but this belief that IT skills are thin on the ground is a myth created in part by the recruitment agencies that have a stranglehold on the IT industry.
Many agencies lack IT understanding, have inappropriate selection techniques and non-existent qualification procedures, which means they end up needing to convince employers to accept candidates irrespective of their suitability for a role.
It is not a lack of skills on the market, but a lack of understanding on the part of agencies that has caused employer confidence to wane.
To successfully recruit for IT positions you need to have an understanding of the vacant role and, more importantly, the ability to assess the technical and other skills required to fill it.
That a slapdash approach to recruitment continued during the downturn when the market was flush with exceptional people is worrying. As the number of vacancies rises, organisations need to take a more proactive approach and demand a better service from recruitment companies if they want to employ the calibre of people they need to make the most of the upturn.
Jerry Cave, director, Plan-Net
I am fed up with employment agencies. No longer do I just get a call from an agent asking, "Do you fancy working for a multinational in Slough for £450 a day on a three-month contract?" They are looking for exactly your skill set, experience and qualifications.
In the past I would be asked only to read an e-mail of the job spec and, if interested, send an updated CV. Nowadays the client wants a compliance matrix - a couple of dozen requirements, each one a mini essay - questioning my experience of facilitating workshops, or change management experience, or aptitude for working on multiple projects at any one time.
These take half a day to complete. The agency gives no acknowledgement unless the client asks to interview me. Did my application arrive in time? Did the agency decide to pass it on to the client? Did the client change their mind? Am I over- or underqualified? I will never know.
On securing corporate wireless networks
In response to warnings that rogue wireless access points can put your company at risk from hackers, whether you have a wireless network or not (Computer Weekly, 25 January)
The process of securing a wireless Lan is ongoing. With even the most robust security strategy, firms must proactively and regularly monitor and enforce compliance.
Policy compliance requires ongoing monitoring of the configuration of every access point and client on a network and the security measures on each.
This is easier said than done as more wireless-ready hardware is shipped with little or no security. Some laptops, for example, have default settings that automatically search out the nearest wireless network, so you are in danger of connecting to your neighbour's unsecured network and they to yours.
The threats posed by this "overlapping" are easily rectified by switching defaults off as a matter of course, but we routinely find unsecured laptops and access points in service at the world's largest companies.
Rogue access points are among more than 100 unique security and performance challenges that need to be watched, many of which come from outside a company's own wireless installation.
A detailed site survey, backed up by continuous sweeps with a wireless monitoring system, is the only way to ensure network integrity and optimal network performance, combined with education to make employees think twice about connecting wireless devices.
Rich Mironov, AirMagnet
Firms need qualified IT security staff
I was surprised by comments in the article "Open the door to a secure career" (Computer Weekly, 8 February).
To suggest that outsourcing work to freelance consultants solves the problem of identifying and hiring qualified security staff shows a lack of foresight.
Companies worry about training staff who then leave to work elsewhere. Imagine the greater risk of not training staff and having them stay.
Although outsourcing to external consultants presents a quick fix for an individual requirement, the industry must recognise that moving responsibility for critical functions outside a company offers only a short-term gain. And it depletes the company's knowledge base.
How are we to resolve skills shortages when organisations are not encouraged to invest in their own staff? We need to invest in people - not around them.
I welcome the emergence of a standards body such as the Information Security Professionals Working Group, although this is not a new development.
Global industry associations have already been delivering supplier-neutral security certifications to help companies evaluate potential recruits and their existing staff.
A proliferation of security certifications makes it hard for organisations to know how to best assess their resources.
The need for a single standard around which the industry can unite is greater than ever.
Matthew Poyiadgi, regional director, Europe, CompTIA
Value of benchmarking is in what is measured
In the recent article on benchmarking and IT performance (Computer Weekly, 8 February), it appeared to me that, although benchmarking can be useful in measuring the performance of the IT department, the problem really lies in what people are measuring.
Far too often they focus on how the IT infrastructure is performing from a technical standpoint, rather than looking at how it is performing in relation to the business.
Only by looking at how IT affects the performance of specific business processes can you assess how it is performing against overall business goals. In managing the performance of IT, organisations need to create more dialogue between IT and the rest of the business.
For example, IT should be talking to individual business departments about the type of performance they require from the systems they use.
A performance benchmark or service level agreement can then be created which will, in turn, provide the business with a way to measure its performance.
Essentially, IT departments need to manage their systems in a way that allows them to demonstrate the effect IT performance has on the business, in a language business users can understand.
Derek Lewis, software manager, Morse
E-gov £1.2bn efficiency gains are not so simple
I read with interest your report on local government minister Phil Hope's expectations to achieve £1.2bn in efficiency gains by 2007-2008 as a result of the e-government agenda (Computer Weekly, 8 February).
Although Hope's target is not impossible, it will not be as straightforward as policy-makers seem to think.
There is no doubt IT products procured and implemented by local authorities to meet the e-government agenda are improving communication between councils and their citizens.
However, efficiency savings will not be realised until councils and their IT suppliers create a detailed web strategy that will completely remove the need for any manual intervention.
At the moment, for example, citizens may submit a benefit form by visiting their council's website. This information is automatically populated through the web back-end but, as local authorities can be running several different systems obtained from different IT suppliers, the details often have to be manually entered to complete the process.
Operating in this way raises the question of whether there is any added value in local authorities putting their services online. If manual intervention is required in the simplest processes, cost efficiencies are not achieved.
Paul Smith, technical director, Comino
Business must buy into e-government too
Your article on e-government (Computer Weekly, 15 February) made fascinating and encouraging reading.
As the 2005 e-government deadline approaches, you are right to focus on the savings the programme was designed to deliver.
However, the article did miss one point. Although you recognised that citizens must be encouraged to use the services, so too must businesses.
This is already happening across the country in areas such as e-procurement, which is granting many small businesses the chance to bid for contracts whereas previously they were locked out by the system.
In the specific case of town and country planning, the government has to engage not just the public but the architects, housebuilders, developers and consultants who make planning applications.
Planning has traditionally been a paper-based and wasteful system, arduous for planning agents and construction firms alike.
The Planning Portal (www.planningportal.gov.uk) is bringing the process online for firms that handle planning applications.
This year is a momentous one for e-government, and it is important that publications such as Computer Weekly highlight exactly how taxpayers' money is being spent and urge it to deliver.
But it would be a shame if businesses, often small and under-resourced, were not given similar encouragement in embracing modernisation.
Paul Kilner, director, Planning Portal
If you have something to say, we want to hear from you. E-mail [email protected]. Please include a daytime telephone number.