As we transition to become a more digitally integrated business, it is vital that we have a futureproof IT infrastructure. Microsoft Azure provides us with the flexibility, scalability and resiliency we need in order to deliver a great IT experience to our employees and customers. This has been a true digital transformation, and the support provided by Daisy throughout the process has been invaluable. David Smith, Head of IT, JCB Finance
The Background
JCB Finance is one of the UK’s leading asset finance companies. With 50 years’ experience in providing asset finance for customers in the construction, agricultural and industrial sectors, JCB Finance offers fast and flexible finance solutions. Its offerings help companies preserve their working capital whist spreading the outlay on new assets in a cost-effective and tax efficient manner.
With a national field force, supported by a direct sales team at its head office in Rocester, Staffordshire, JCB Finance aims to provide JCB customers with access to state-of-the art finance options anywhere in the UK. Central to this approach is high-speed, efficiency and fairness, making JCB Finance a valued sales-aid partner to JCB and its dealers.
With an increasingly digital footprint, JCB’s customers are changing their buying habits – wanting to apply and manage their finance applications online and in real-time. This has required JCB to change a core element of its business model and become an integral part of the online JCB sales process, with customers being offered finance during their web transaction.
The challenge
JCB Finance customers previously had access to a 24/7 portal to view historical account information such as their current agreements and scheduled payments. However, the portal was limited to historical activities. To generate new agreements, customers needed to contact their dedicated relationship manager who would begin the paperwork before passing it back to JCB Finance to complete the process.
JCB Finance operated its own data centres, however this didn’t offer the scalability or resiliency required to support this new 24/7 business model. In addition, JCB Finance’s IT department was already spending a significant amount of time maintaining and patching its existing IT infrastructure.
As a result, JCB Finance made the decision to move its entire IT infrastructure and supporting applications to the public cloud. This would provide JCB Finance with a more dynamic and futureproof infrastructure, which would be responsive to any changes in the company’s strategic direction. By working with a managed services provider, JCB Finance was also aiming to reduce the time its internal IT team was spending “keeping the lights on” – allowing the team to focus on delivering new solutions to meet business needs.
The Solution
After evaluating its requirements, JCB Finance selected Daisy as its partner of choice due to its extensive experience in cloud, data centres and networking. Acting as JCB Finance’s Cloud Services Partner, Daisy helped transform the company’s existing IT infrastructure and applications to make them cloud ready. Then over a 12-month period, services were migrated away from JCB Finance’s old legacy infrastructure onto Microsoft Azure.
As part of the migration, Daisy worked closely with JCB Finance to test all disaster recovery plans, including ensuring that all previous bottlenecks and single points of failure were removed from the newly designed infrastructure. Daisy also helped to ensure that JCB Finance’s security posture was correct, which included the provision of a managed firewall service.
The Result
JCB Finance now has an evergreen and modern solution, with no legacy products being utilised within the business. In addition to supporting JCB Finance’s new online business model, the new IT backbone has also supported its move to remote working by improving the performance of applications being accessed by iPad users.
By moving to the public cloud, JCB Finance can now right-size server capacity in line with demand, something that simply wasn’t possible before. JCB Finance has also benefited from increased security as a result of moving to a SaaS and PaaS model. There are no longer delays in patching systems, and the internal team now spends significantly less time managing the new infrastructure, with Daisy on hand to provider third-line support if and when required.
David Davies, Business Continuity Consultant at Daisy, gives you his six most important steps to building operational resilience.
Step 01: Define your important business services (IBS)
As set out in the handbook of the Financial Conduct Authority (FCA) SYSC 15A. Important Business Services (IBS) are the key overarching services a firm delivers to its customers.
What makes a business service “important?” The FCA Handbook explains it as a disruption to that service would cause “intolerable harm” to clients or be a risk to the UK financial markets.
What is a business service? A business service may span across the work of many departments and be dependent on many services such as IT services and supplier services. Payments or mortgages may be a business service, for example. The IT system that runs the mortgage service isn’t a business service, the finance department which handles the majority of mortgage payments isn’t a business service, these are dependencies that need to be mapped to the business service.
Applicable firms should have identified their important business systems by 31 March 2022*.
Step 02: Set your impact tolerances for each IBS
The FCA Handbook defines impact tolerance as “maximum tolerable level of disruption” and is measured in time, and any other relevant measurements. To use the example, if the payments IBS failed for five minutes during a quiet period on a weekday afternoon there may be little impact. If it failed for longer it may cause “intolerable harm”.
In this way, the firm can prioritise the urgency to recover services that are within the list of important business systems. (as well as other services).
Applicable firms should have identified their IBS impact tolerances by 31 March 2022*.
Step 03: Map your dependencies sufficiently to have completed points 1 and 2.
Important business systems on their own are a bit abstract, it’s important to associate them with the departments, IT, suppliers and any other key dependencies which deliver them. This enables the firm to plan for the resilience of the IBS (potentially investing more to increase its resilience). It also enables the firm to focus recovery effort on the IBS during an incident, and to understand the dependencies which need to be tested to practice for an incident.
Applicable firms should have mapped their IBS’ dependencies by 31 March 2022*.
Step 04: Carry out scenario testing sufficiently to have completed points 1 and 2.
Scenario testing is important to validate the resilience and recovery capability of each IBS. This needs to be planned, and applicable for the dependencies. For example, IT services could be IT disaster recovery tested to prove that technology can failover, or recover from replicas or backups, while the key management decision-making for an IBS could be better tested by a simulation or paper-based exercise.
Applicable firms should have scenario tested their IBS’ dependencies by 31 March 2022*.
Step 05: Produce your first self-assessment document (to be updated regularly after that)
Firms will also be expected to self-assess the status of steps 1-4 on a regular basis. The self-assessment itself is defined in the FCA handbook SYSC 15A. As such, the FCA is making it clear that firms are expected to maintain the standards required of them.
Applicable firms should have a self-assessment document in place by 31 March 2022*.
Step 06: Operate and remain within impact tolerances
The additional target is for firms to be able to demonstrate that they have mapped and tested important business systems to operate and remain within their impact tolerances. As such, if there are gaps in resilience and recovery capability these will need to be understood and closed.
Applicable firms should have this in place, “as soon as possible after 31 March 2022, and no later than 31 March 2025.”*
*For more information on the FCA guidelines click here.
About the author
David Davies is an award-winning Business Resilience and IT Resilience Consultant at Daisy. He has worked in IT resilience and recovery for more than 20 years, starting in a technical role at IBM looking after data backups and testing disaster recovery on very large enterprise systems.
David moved on to project management of disaster recovery testing, then left IBM to work in business continuity consultancy over the last 15 years. In that time, David has worked with more than 150 organisations as a resilience consultant, some medium-sized but the vast majority being enterprise-sized organisations.
Unlock the value of your data by harnessing the power of data science…
The vast amounts of continuously changing financial data creates an ideal platform for engaging machine learning and AI tools into all areas of your business and provides a range of benefits including:
Automatic risk management
Predictive analysis
Manage customer data
Fraud detection
However, this is often easier said than done, as most businesses don’t have the capacity or specialist skills to use their own data to create opportunities for competitive advantage.
At Daisy, we help finance businesses explore and implement data science and analytics platforms to get real value out of their data.We use techniques including machine learning models to identify trends, highlight anomalies and predict future outcomes.
Written by Richard Forrest, Company Secretary, SSP Business Continuity Sponsor – a customer’s perspective on Daisy services…
The Background
SSP is a leading global supplier of technology systems and services to the insurance industry. With more than 35 years of industry experience, and with a highly-motivated, experienced and talented workforce comprising more than 700 employees, we help shape the industry by enabling insurers, brokers and financial advisers to serve their clients more efficiently.
The Challenge
Over recent years, SSP’s operating model has significantly increased in complexity and the associated risk and impact profiles has also changed dramatically. Our business continuity management system needed an overhaul if it was to keep pace with our risk appetite, and the demands of our stakeholders. We decided to upgrade our business continuity management system to support the evolving requirements of our investors, our strategic objectives, our risk landscape and our customer base.
As an existing customer of Daisy’s business continuity and maintenance services, we approached our Daisy account manager to discuss the ways in which Daisy’s Business Continuity offerings could help us operate a robust, intelligent management system that would give us increased continuity competence and resilience across a growing organisation. We needed to increase our ability to respond successfully to disruptive incidents, as well as assuring ourselves and our stakeholders that we understood our operating model within our threat landscape. We also needed to know if we had sufficient controls in place to continue our business, to protect our customers’ businesses and to minimise the likelihood and impact of disruptions. And for competitive advantage we required demonstrable certification of management to international standards (ISO 22301).
Daisy met with us at our offices in Solihull and listened to the challenges we faced in relation to business resiliency. Over a period of time we had tried to put in place a business continuity system, however, without the luxury of dedicated resources this was problematic with key staff always being re-focussed onto more immediate priorities. Lack of consistent resource availability and experience in business continuity planning meant that results were inconsistent across the business and keeping things properly up to date was a real headache. Daisy consultants, using their Business Continuity as a Service (BCaaS) model, put together an initial scope of works which broke down the necessary activities so that with input from SSP, a programme of works could be developed. This was further refined to balance requirements with budget and to create a fixed scope of service with a fixed price.
The Solution
We chose Daisy’s BCaaS solution which included design and implementation of an economical business continuity management system tailored to our strategic objectives and risk appetite. Owned and steered by us, the management system would be administered and improved by Daisy’s industry-leading consultancy team. This service also utilises Daisy’s business continuity software “Shadow-Planner” in two main ways. Firstly the mobile app would put key responder guidance available on our mobile phones and within reach at time of need, and secondly the Shadow-Planner management tool would be used to gather and analyse risk and continuity data, and to track and monitor the business continuity management system (BCMS) and its outputs against our strategic risks and objectives.
The Result
Most recently, the BCMS proved its worth in early 2020 in response to the COVID-19 pandemic, when we used our well-rehearsed command, control and communications framework and our BC intelligence to implement staff relocation and work transfer strategies to keep our business going despite denial of access to buildings and absences of staff caused by lockdowns in all of the territories in which we operate. We’re quite proud that we achieved it within 72 hours of the point of invocation. Earlier continuity risk analysis generated by the Daisy-administered BCMS had already allowed us to boost our command, control and communications capabilities and showed where we needed a range of mitigations for our risk scenarios of concern. Subsequently we used our BCMS and risk management system to put those mitigations in place, so when COVID-19 hit we were already ready to deploy a number of the necessary strategies.
Thanks to the structures, strategies and plans developed jointly over the last few years by SSP and Daisy and specifically our BCMS, we have successfully expedited responses to a number of other disruptions. Training and rehearsals have prepared our teams to more confidently take command and control of incident responses and to make faster and better-informed decisions so the outcomes of our real or rehearsed incident responses are improving. Daisy’s Shadow-Planner mobile app has helped responders to access the guidance and contact details they need in the immediate term, and we’re now looking to extend its use by making technical recovery guidance and contacts available via the app too.
But it is the repeating lifecycle of BCMS activities that keeps awareness of threats and vulnerabilities on the management agenda and works to embed key management principles into SSP’s DNA. We saw immediate value during the first lifecycle as Daisy worked with us to standardise the approach to continuity risk management across our changing organisation. Standardisation allowed us a more consistent analysis of continuity risks and impacts and to access, leverage and spread responder and continuity expertise across the whole organisation. Daisy’s Shadow-Planner administration software does most of the administration for programme scheduling, document control and number crunching so our BC budget and people are released to focus on preparedness. As a result, we have increased our control of continuity risks and improved our conversations about it. These conversations have matured over time and now form part of wider conversations about, for example, emergency preparedness, command, control and communications, crisis management, disaster recovery and risk management. Daisy’s promotion of group-wide understanding of these wider disciplines has improved our adoption of key principles of organisational resilience into our daily thinking, and we believe Daisy’s management systems approach has provided us with demonstrable improvement of our system, competence and capability to meet international standards (ISO 22301).
Check out our 60 second video and find out how CloudBridge portal can save you time and give you the visibility and control you need to easily manage your cloud estate.
Manage your cloud services from a single dashboard
With the Daisy CloudBridge Portal, you can easily control your cloud estate from a single dashboard. Add Microsoft 365 licences, allocate them to users, view event logs, analyse billing and reporting, view usage of compute, storage, and network, plus get complete cost visibility including forecasts giving you a view into the future.
Self-serve Microsoft 365 subscriptions at the click of a button
No more requests and time spent waiting for Microsoft 365 subscriptions. With the Daisy CloudBridge Portal, you can add licences in just a few clicks with complete cost visibility, and quickly assign them to users.
Easily add and subtract users and simply allocate licences to each user
You can add users to Microsoft 365 quickly and easily, saving you time and making you more efficient and productive.
View event logs including user history, subscriptions information and subscription changes
View a historical list of events and approval requests, so you are never in the dark and always have an unrestricted view of what’s going on in your cloud estate.
Manage Azure subscriptions and usage
View your Azure usage, costs and reporting as well as all of your subscriptions and users.
Take control with complete cost visibility
The Cloudbridge Portal offers you complete transparency and visibility of your costs. View and export all of your invoices, billing and reporting from one easy to manage location.
View billing and reporting for each service
Dive into each service area for a more granular look at the billing and reporting for each service
View usage of compute, storage, and virtual network
You can easily stay on top of compute, storage, and network to ensure everything runs smoothly and there are no nasty surprises.
See into the future. Forecast future usage and costs
Use predictive forecasting to see into the future to help you make informed decisions without any guesswork.
To find out more about CloudBridge, visit our CloudBridge page or get in touch with one of our cloud experts.
Every cloud is unique when you look at them, every one different to its peers. But even in that uniqueness we can group them into types; Stratocumulus. Cirrus. Cumulonimbus and so on. Even more fundamentally, each and every cloud is constructed of water vapour. H2O.
It is the same when you are planning your journey to the cloud. You are unique, your organisation is unique, and your cloud strategy will be too – but that doesn’t mean that you can’t group what you are trying to achieve and distil it down to your fundamental concerns at the same as identifying the benefits and building your business case: organisational agility, productivity, efficiency, scalability and cost-effectiveness.
Every cloud has its silver lining but it is sometimes a little difficult to get it to the mint.
Don Marquis
Don’t think of the uniqueness of your organisation as being a barrier to adopting a cloud strategy – the bespoke nature of hybrid cloud architecture means you won’t be hammering a square peg into a round hole but creating an environment that fits your organisation.
So how do you mint that silver lining of a hybrid cloud strategy?
Which kind of cloud are you?
Firstly, it sounds simple but is often missed, we need to make an inventory of your current state. Identifying all the workloads, your user base and rate of usage for each of these workloads, calculating the cost of compute, storage and networking, defining the security, recovery and continuity needs and finally researching the all legal and compliance implications for these.
Sounds a lot but without this baseline we won’t be able to accurately assess what you have, what you need and what you want to change. Below are some pointers to help evaluate each of these areas and begin to build a picture of your estate.
Sound daunting? Our experts are on hand to help you with as little or as much of this process as you need. Get in touch to find out how we can help.
Make an inventory of workloads
The best place to begin? Making an inventory of all of your organisation’s applications and workflows, such as email systems, finance applications, databases, and CRM systems. Starting from the top and working down.
Next, we determine which workloads are business-critical, whether there is any sensitive data, which of these are prime candidates for public cloud, and which need to be highly available.
It’s a good idea to estimate the effort to move each workload to the cloud and the advantage of doing so; even a simple classification of high effort/low effort, high value/low value will give an idea.
High Effort/High Value
Contact Centre
High Effort/Low Value
Dev/Test
Low Value/High Value
Data Warehouse
Low Effort/Low Value
Once a birds-eye view of these workloads has been established, the task of planning where each workload should reside becomes easier. This is something your internal teams may want to undertake or we can assist and help produce.
Identify User Base & Rate of Usage
Once we have mapped out all of your workloads, their importance to your organisation and where you can gain the most benefit from migrating them to the cloud, the next step is to identify the rate of usage and user base. This is important in order to know how you can go about executing a migration with as little effect on your users and customers as possible as well as what kind of configurations are needed.
Calculate costs
An essential part of any business decision is, of course, costing it out. What kind of level of compute is necessary? How much storage do you need? What are the networking costs? As we know the level of storage required is likely to grow and change, our cloud experts think ahead to minimise future storage costs and other hidden costs that may arise.
Define security & recovery needs
Identify your businesses appetite for risk and requirements to meet industry or customer standards is a vital part of the process; what kind of SLAs need to be in place? What sort of failover and business continuity considerations need to be taken? What are the security implications of the planned migration so far?
With more than 30 years’ experience in business recovery, we have experts on hand to assist with these critical considerations which can have some grey areas and intricacies.
Research legal
Just like for when you are assessing your security and recovery needs, make sure you are aware of the compliance and legal guidelines that your organisation must adhere to. What about future considerations? Getting all information available together at this stage is vital for planning your next steps.
Choose a type of migration
Do you need a platform-as-a-service (PaaS) where the virtual machines (VMs) are configured by the service provider? Or is this something you can do in-house with infrastructure-as-a-service (IaaS)?
What about considerations like rolling back from Public Cloud? Is there a path back? Make sure you have a strategy that includes optional paths in the future means that you won’t ever paint yourself into a proverbial corner.
Got some silver already?
If you are already utilising a hybrid cloud architecture and are interested in changing things up, this may still help. If not, get in touch with one of our cloud experts and we can talk through your requirements and advise you on the optimal path and how we can help.
Thinking of starting your cloud journey, or just need advice on your current cloud architecture? Get in touch today with one of our experts, and we can help talk through your requirements.
Mitel’s Head of Financial Services discusses how a solid CX strategy can drive revenue.
A solid customer experience (CX) strategy will not only ensure that customer expectations are exceeded in the digital era, but will also improve business processes and drive revenue. In today’s environment, where customers are demanding even more from digital platforms, a superior digital customer experience is a must if you want to maintain a competitive edge. Continue reading “Digital Customer Experience (CX) in Financial Services”
In this customer experience white paper, we discuss the digital customer experience (CX) and how it has shifted from a “nice to have” to an essential service.
More than ever, customer experience (CX) is shaped and delivered through digital interactions. While the majority of customer communications are still voice-based, consumers now rely more heavily on digital methods, such as email, SMS, web chat and social media. They expect the flexibility to interact through the medium of their choice, wherever they are. And, they expect to be able to switch between one medium and another while they are on the move.
The latest market research puts this reality into perspective. 9 out of 10 consumers want absolute omnichannel service – they expect a seamless experience when moving from one communication method to another, such as phone to text or chat to phone. 57% of customers would rather contact companies via digital media such as email or social media rather than use voice-based customer support. At the same time, consumers are now empowered by social media. Over one third of the world’s population has active social accounts. These consumers are comfortable posting their opinions and observations about their experiences on social media. In this environment, a negative customer service story can easily go viral.
This whitepaper provides more stats like this, discusses the digital customer experience and how it has shifted from a “nice to have” offering to an essential service, before providing an overview of the digital expectations and habits of today’s consumer and offers practical next steps for transforming customer experience from dated to digital.
Aruba’s Security Sales Specialist Richard Leadbetter discusses the role of security across wired and wireless networks.
Regardless of the changing types of attacks, one consistent threat regularly hits the top spot; people. The human factor all too readily providing misplaced trust and casual clicks that lead to media fanned disaster. It’s a valid concern but the problem I’m seeing rise the fastest is the worrying lack of trained cybersecurity staff to help businesses protect themselves, and to respond when things go wrong. Continue reading “Guest Blog: The Biggest Threat to Security”
Privacy Overview
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
