Obsession is not a dirty word

By

Information security manager of the year Tony Ritson talks to Ron Condon about how he made his firm the industry standard

Supplying Chinese food to restaurants might not immediately spring to mind when you think of mission-critical businesses. But for Tony Ritson, head of IT for Birmingham's Wing Yip, continuity of service is an absolute must.

Obsession is not a dirty word

Nothing has been left to chance in the company's networked systems, which he has created over the past six years.

Wing Yip stores need to operate without a hitch seven days a week, and failsafe systems are a crucial part of the operation. Ritson has taken a real belt-and-braces approach and produced an architecture that is a model of resilience.

He is a self-confessed obsessive about security, an attitude which won him the SC Magazine award for Information Security Manager of the Year in April.

But back in 1993, his career was anything but secure. As a new graduate in computing he entered the jobs market just as the economy was going into reverse. "I applied for 297 jobs and got three interviews. I kept a database of all the companies I'd applied to," he recalls.

The best offer he got at the time was a shared job at a medical distribution firm, where "it meant I worked full time, but at half the money. At least it got me on the bottom of the ladder." He soon rose through the ranks, though, taking over the functions of IT manager when the incumbent left, followed by the roles of operations manager and warehouse manager. These were all skills that would be useful later, when his company was bought and immediately closed down – and Ritson was back on the jobs market.

Fortunately, at the same time, local Chinese food importer Wing Yip was looking to expand, and was taking on more senior management, including an IT manager, to drive the expansion. By chance, the company used the same back-office and distribution software as his former employer (a package from CSfD of Brackley, Northants) and Ritson was recommended for the post.

On his arrival, he found the CSfD software had been highly customised by his predecessors and was hardly used by the company. "We weren't doing a lot with the software and it had little documentation," he says. "I spent the first six-to-nine months writing a user manual."

In addition, no part of the company was networked and a lot of the equipment had reached the end of its life. "When I joined, there were no links to the stores, there was no EPOS solution, and they were running tills with a handle with a "ka-ching!" sort of thing," he recalls. "There was no comms in any of the stores and no radio frequency in any of the stores."

The situation presented him with a tremendous opportunity to make his mark, and with the help of the newly appointed financial director, he set about bringing things up to date and installing new technology to drive the business.

Wing Yip works from four main sites: Birmingham, Manchester, Cricklewood (north London) and Croydon (south London). These are far more than Chinese food shops – their founder wanted to create a complete Chinese experience in a themed mall with banks, restaurants, and even estate agents.

The company also launched an online store (www.wingyipstore.co.uk) last November, with little publicity, but this is already pulling in new business from some big new customers and from mainland Europe.

The four sites are fed from a central distribution hub in Birmingham, which also houses the main computer system, a Sun E3500 with a back-up generator (tested regularly), uninterruptible power supply, and twin air-conditioning units, just in case one cuts out. "I even go OTT with the air-conditioning, but we need resilience," says Ritson, and he has done everything he can to achieve it.

Having initially set up Kilostream links between the outlets and the distribution hub, he has recently replaced them with encrypted VPN connections using NetPilot appliances from Equiinet.

Using the wide-open world of the internet might be considered rash, but Ritson has characteristically built a robust solution that not only provides better bandwidth, but also saves money.

For extra safety he has comms services offered through two different providers. The main link between stores and central systems uses Easynet Surestream SDSL connecting to a Netpilot Plus box at the central Birmingham location. Easynet has a different physical backbone from the BT network.

The stores also have Eclipse ADSL connected to a NetPilot Remote for web surfing and non-critical internet activity, which also acts as backup to the SDSL service. And for good measure, they have 128kbps ISDN2e as backup too.

Checking for viruses is just as stringent, with three different packages used to prevent infection. For a start, internet access is granted only to those staff who need it, and all the PCs in the stores come without floppy disk or CD drives. "The only way files could come into the business is by downloading from the internet or through emails. All emails get scanned in three different ways – by Sophos at the NetPilot, by McAfee on the local Exchange servers in each stores, and by Norton on the client PCs."

Files that are not recognised, because they are encrypted or the antivirus systems score them high-risk, are either deleted immediately or parked in a security mailbox for inspection.

Down at the store, the EPOS tills and warehouse terminals feed data straight back to the central systems. "Due to the VPN, stores activity regarding purchase orders, booking in, sales orders, EPOS transactions and stock control, is all realtime," he says. "Overnight, we update the EPOS tills with new prices and products, and retrieve data from the EPOS server to verify that all daily transactions have been received and processed."

All the stores have a spare till that can be plugged in or cannibalised, and of course they have enough standby power to keep them going for eight hours in the event of a mains electricity failure.

At head office, Ritson has also created a fire-proofed disaster recovery suite away from the main computer room, where an A5000 disk array mirrors the main disks via a fibre optic connection.

"I decided against using a DR supplier who might charge me £25,000 a year for a service I might never use. The same goes for the tills and PCs – we prefer to look after them ourselves," he says.

"I'm a Yorkshireman, you know, short arms and big pockets. If I can do it better myself and save money for the company, I will."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?