Magazine article

It has taken just six years for what once appeared to be an oversized iPhone to become a fixture in boardrooms around the world. The New York Times has reported that as many as half of all iPads sold are being snapped up by businesses and government entities, with sales of the higher-end iPads particularly strong in the business market.

“When the iPad was released, I don’t think many people imagined that it would become such a significant business tool,” says Colin Panagakis GAICD, business development manager at BoardPad. “Now most boards and committees are using the technology because it helps them do their jobs more easily, efficiently and securely. And the directors who aren’t should probably be asking themselves why not.”

Working with an iPad makes it easier to receive, carry and work on board packs wherever you happen to be. You can add and circulate notes, comments and annotations; approve board resolutions electronically; and view calendar items and minutes from previous meetings. And the organisations you work for can stop spending thousands of dollars on printing and posting paper board packs.

“There are still some directors and chairs who prefer to do things the old-fashioned way, but we are seeing a steady migration to digital in the boardroom,” says Tessa Court, chief executive officer (CEO) at online information management company IntelligenceBank. “The most recent IntelligenceBank Boards survey found that 73 per cent of our clients always use an iPad to log in compared with 27 per cent who prefer a laptop or paper.”

For some, security is still a leading concern – and it’s true that the amount and quality of information held in board portals makes them attractive targets.

“Security and data sovereignty are both critical issues,” says Court. “Some boards – those of many government departments, for example – are not permitted to host their board papers outside of Australia. But there are also risks associated with hosting board papers on internal IT systems because the internal IT team have access to them. And, sometimes, corporate data centres are not as robust in terms of risk management as the larger providers used by board portal companies.”

An online board portal with a dedicated iPad App holds the information in a “closed loop” system with a log in requirement, audit trails and encryption. “Every company should seek assurance from their board portal provider that independent penetration tests occur regularly and that all data is encrypted,” says Court. “No system can be guaranteed impenetrable, but a robust board portal will be far more secure than, for example, email and file synchronisation (sync) programs – though some boards continue with these because they appear to be an easier option.”

In this case, ease of use can also mean easy access.“Some consumer file-sync applications rely on creating public links to information without having to log in,” says Court. “There are now search engines that trawl these public links searching for board papers and making them publicly available. Similarly, if board papers are emailed to directors without encryption, it only takes a low-level hack to a personal computer to uncover sensitive information.”

Increased options

The iPad may be the most popular device of its kind but it’s not the only one. “We are starting to see growing interest in the Microsoft Surface tablet as well as Android devices,” says Panagakis.

This is driving a trend towards the so-called agnostic environment. “Directors expect to be able to walk into a space that configures automatically to their preferred device,” says Stephen Sokolowski, CEO of Urban Intelligence. “In many cases, this is driven by technology they’re using at home. We work in both commercial and residential situations and often find that once our clients see the benefits of fully-integrated technology in their domestic setting, they want us to reproduce this experience in the boardroom.”

One strictly corporate option for better collaboration is an interactive boardroom table. “A number of touch-screen surfaces are embedded into the table and driven by a computer which also drives a monitor hanging on the wall,” says Sokolowski. “Directors can collaborate with content on the table top and even push selected content to a large wall-mounted monitor for wider participant viewing. This can be particularly useful where boards regularly need to create and edit charts and diagrams.”

However, there’s a danger that technology could be a little too pervasive. “Making decisions that will influence the future of the company requires deep work, and the use of mobile devices and computers can interfere with this,” says Raphael Goldsworthy, managing director of Better Boards Australasia. “In the boardroom, you can’t have directors taking calls or half listening because they’re checking their email. And having so many other things just a click away can be very distracting outside the boardroom when you’re reviewing documents and papers before the meeting.”

Panagakis recommends that boards develop a clear policy on how and when mobile devices can be used. “It’s up to the chair to discuss this with the directors to establish the best way for them to work,” he says.

Managing big data

There’s nothing new about the concept of working with what we now call “big data”.

“Boards have always been responsible for gathering all the information they need in order to make the best decisions for the company,” says Panagakis. “Technology has just provided more sophisticated ways to collect and present the information.”

As a by-product of digitised business processes, big data has the potential to help boards with both micro and macro analysis. “We’re seeing growing interest in board portal dashboards that provide key performance metrics and also enable directors to drill down into as much detail as they need,” says Court. “For example, more and more of our board portal clients have an integrated control self-assessment application which allows directors to manage and report on the effectiveness of governance and internal controls. On a macro scale, solid strategic planning highlights the critical decisions that need to be made and big data analysis can help the board to decide what needs to be prioritised.”

The board still needs to be alert to possible inconsistencies. “Directors should be just as rigorous in scrutinising big data reports as those from any other source,” says Goldsworthy. “You still need to ask the right questions to get the right answers and big data doesn’t magically make that any easier. Depending on how it is sliced and diced, or even the source of the raw data, there can be underlying issues for the board to take into consideration.”

For some years, directors have been using telephone and video conferencing technology to dial into board meetings they are unable to attend in person. “This can save time and travel costs as it introduces a level of flexibility,” says Goldsworthy. “For example, a director who would struggle to attend every board meeting might be more likely to join a board where there was an option for the occasional virtual visit.”

One well-documented downside is the fact that the dynamics of a meeting can change considerably when one or more of the directors are off site.

“Virtual meetings are harder to chair because it’s much harder to read facial expressions and body language,” Goldsworthy continues. “This makes complex discussion and debate more difficult. Confidentiality can also be an issue as you can’t be sure that no-one else is in the room but out of sight.”

Another challenge has been the price, with sophisticated telepresence systems costing hundreds of thousands of dollars to install. But this is starting to change.

“Cutting edge conferencing software is replacing traditional offerings from companies like Cisco and Polycom with much more affordable solutions such as Skype for Business,” says Sokolowski.

The director as a target

Risk associated with technology isn’t limited to the boardroom. “Directors by their very nature have a significant public profile,” says David Owen MAICD, partner – cyber security and privacy risk advisory at Deloitte. “Their extensive networks and access to information can also make them very attractive targets.”

Once criminals have infiltrated a director’s email address they can usually send emails that appear to come from that account. “We’ve seen that play out particularly with ‘accounts payable’ fraud, where someone with authority to pay gets a very authentic looking email telling them to transfer an amount of money into a particular account,” says Owen. “In the past year to 18 months we have spoken to a large number of Australian businesses that have lost between $20,000 and $10 million in this way.”

There is also the potential for ongoing fraud. “Some entities, such as foreign governments, are more interested in gathering sensitive corporate information over the longer term,” says Owen. “In this case, their aim would be to compromise a director’s account and remain undetected for months or years. Just recently, Apple had to rush out a patch to fix security vulnerabilities that were allowing what appeared to be a government organisation to read text messages and emails, record conversations and collect passwords.” Directors need to adopt an inherently cautious approach to the internet both a social and corporate context.

“The more information you put in the public domain, the easier it is for criminals to build a comprehensive and persuasive profile,” says Owen. “For example, if you’re interested in cycling and join a cycling group on Facebook, they might use that information to craft emails that appear to come from that group.”

Criminals may also target a director’s home computer. “It’s often easier to get into a home account than a business one,” says Owen. “Criminals work on the assumption that some directors will forward corporate documents to their personal email account to work on at home. And, even if they don’t, there’s a good chance that the hacker will be able to find signed documents and then recover signature copies to use in fraudulent emails.”

And the computer is not the only point of vulnerability. “Directors’ digital footprints are expanding along with those of their companies,” says Tommy Viljoen, a Deloitte partner and leader of the risk advisory security team. “At home my TV and even my doorbell are managed by IT, which makes them potential entry points for criminals if they’re not secured appropriately. It’s much easier to overlook cyber security at home than in the workplace.”

In the past, some directors have been criticised for not choosing secure passwords, or not using passwords at all. But even secure passwords are weakening as a means of control. “Most people have over 100 online accounts and this is forecast to reach about 200 by 2020,” says Panagakis. “Therefore it’s not surprising that they tend to use the same password across a large number of accounts. Rather than pretending it doesn’t happen, it’s best to work with that by adding a second level of authentication such as a code sent by text message – though we still encourage board members to create unique passwords for every company system they access.”


The future of the boardroom

Raphael Goldsworthy has identified three emerging technologies with the potential to change the way boards operate.

Virtual and Augmented Reality (VAR)

(VAR) technology is already being used in the building, construction and architectural industries where it allows stakeholders to interact with a building under construction as if it were already complete. In the boardroom it could, for example, provide an immersive tour of a proposed expansion. It could also create a virtual boardroom realistic enough to allow directors to judge collective emotional reactions in ways that are not possible using current videoconferencing technology.

Real-Time Voice Translation

Already a reality thanks to Skype Translator, real-time voice translation opens up opportunities for multi-lingual and international boards as well as better communication with international branches, customers and suppliers.

Artificial Intelligence and Machine/Deep Learning

Recent developments in machine learning – also known as deep learning – and artificial intelligence have shown just how limited humans are in terms of predicting outcomes. VITAL, an algorithm, was appointed to the board of Deep Knowledge Ventures in 2014 and, while some dismissed it as a publicity stunt, many high-performing boards are taking the possibility that artificial intelligence and algorithms could improve decision-making very seriously.