Client Web Portals

In the United States, it’s illegal in many states to send an unencrypted email containing a person’s Social Security number (An example is the 2006 New York Social Security Number Protection Law).  This regulatory constraint has a significant impact on the way in which American tax practices communicate with their clients.Secure Portal Image

While we don’t have such specific legislation in the UK, the Data Protection Act does place a duty of care on practices who wish to communicate personal information via email.

The seventh Data Protection Principle in the Act says : “Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data

It’s a truism that you should never write anything in an email that you wouldn’t write on the back of a postcard – email is NOT secure.  From this, it is clear that sending a clients tax return as a PDF attachment without protecting it from interception is a breach of the Act.    Of course in the real world, the risk of interception is low, but it does exist – particularly when dealing with clients who are in the public eye.

The obvious solution is to encrypt the email (using Public Key Encryption software), but this tends to require a degree of coordination between sender and receiver, and while the practice might be happy to invest in the appropriate software, clients are not.   In practice, I’ve NEVER seen such a system in use.

You could just encrypt the attachment (a password protected PDF, etc).  This is quite a common approach, as it can be implemented very quickly without much (or any) cost.  The difficulty arises in maintaining such a system.    You must ensure that the client knows the password you are going to use on the secured document, and all staff likely to send a document to that client must also know that password.  Ideally, the password for each client should be unique (which now means you need to maintain a list of hundreds or even thousands of passwords in the office).    It goes without saying that you should not communicate the password to the client via email!   In short, this approach runs the risk of creating an administrative burden that encourages staff to bypass the rules when in a hurry.

This is where a ‘Secure Client Portal’ comes in.

A portal is a secure web-site that is used to accept, store, and publish documents to authorised users.  The practice and all clients have access to the web-site through a username and a password.   The practice can see ALL documents for all clients.  The clients can see only those documents meant for them.    You may already have used a system like this if you opt to receive paperless bills from your phone provider, utility company or insurer.

In practice, a fee-earner uploads the draft tax return (or whatever) to the web-site over an encrypted link (coding it to the appropriate client), and the document remains stored securely until the client logs in to review it (also over an encrypted link).   The client is also able to upload information for delivery back to the practice.

While these sorts of systems are undoubtedly secure, they demand user names and passwords, so are inevitably a little less convenient than just dashing off an email, and herein lies the problem: Getting clients to use it.

Many years ago, a colleague of mine told me of a secure client portal that he had been involved with in Australia.  The product worked well, and was well received by accountancy practices who could see the product as a way of making themselves stand out from their competitors.   It sold very well….in the first year.    Soon practices found that clients liked the idea of the portal, but didn’t actually use it.  The process of navigating to a special web-site and entering a username and password was all too much trouble compared to just sending an email, and there was not enough perception of real danger associated with email to overcome that extra hassle factor.

The real competition for client portals, then, is email.   Email is easy, familiar and quick.  The inherent insecurity of email is not high enough in people’s consciousness to push them to use a less convenient tool.     It’ll almost certainly take a high-profile court-case to get everyone’s attention and encourage a big change.

In the meantime, if secure document exchange portals are to succeed then, they have to offer something extra to both the practice and the client – beyond the rather unglamorous world of risk-mitigation.

Where portals can really make an impact is if they deliver additional features that puts them back ahead of email in the sheer convenience stakes – features such as on-line approval with digital signatures providing genuine reductions in time and effort for practice AND client.

Conclusion

A properly implemented portal can offer genuine benefits for the security of sensitive client communications.  Clients may not seem that interested by it, so you should accept that it will be several years before it becomes routine.

My key recommendations:

1. Don’t do it yourself – use a portal that is hosted by a professional hosting company.  You don’t need the hassle of managing a web-server and the associated infrastructure.  This also helps to maintain a very clear ‘firewall’ between your own files and the documents that are published to clients.

2. Pick the RIGHT host – If your portal is hosted on servers that are outside the EU, then the data is NOT protected by EU data protection legislation (‘Safe harbour’ agreements are OK as far as they go, but I’d still feel happier when my data stays inside the EU).  At the very least, you should confirm with your PII provider that they are happy with your choice and make sure your clients are aware that you will be storing their data on external systems.

There’s an exciting EU discussion document on the subject of cloud data-storage here….

http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp196_en.pdf

3. Be cautious about using the ‘consumer’ cloud storage services such as DropBox and Google Drive.  Some of the T&C’s used by these services are really not up to scratch.   Fine for holiday pictures, NOT fine for a clients tax affairs!    If nothing else, these services will not be easy to use when working with multiple clients – none of whom should see each other’s files.

4. Pick a portal that integrates with your document management system – the extra hassle involved in keeping TWO systems synchronised just isn’t worth it.

Insolvency Filing and CCH Document Management

CCH Document Management is one of the leading products for the UK Accountancy profession.  It does all the things you’d expect of a Document Management product, but it’s key strength is the high degree of integration with the ‘CCH Central’ suite of products.CCH Document Logo

CCH Central is a framework into which each of the CCH products can be ‘plugged’.  They all share a common set of screens and a common database, and each product benefits from the presence of its siblings so that the overall utility of the suite grows exponentially as you purchase new elements of the suite.

If you have CCH Central (core client database) and CCH Practice Management (Time & Fees), and you then add CCH Document Management, the document management functions appear as extra features and screens within the existing software.   There is no new desktop icon, just a set of extensions to the software you already have open on your PC all day anyway.    The new product already ‘knows’ about your clients and contacts the very first time it loads up, and automatically makes use of that data.

When you file a document into any Document Management system, you must complete a database record for the new document.  This can be considered as an ‘Index Card’ for the document, and no document can be filed without one (The industry term is ‘Metadata’ : data about data).     In the case of CCH Document Management,  the document metadata is intimately connected to the rest of the CCH Central database.   If you have created a ‘Personal Tax’ assignment against some clients in your Time & Fees setup, then CCH Document Management knows this, and offers to apply this information against any document filed to a Personal Tax client.   It also knows what tax years you are currently working on, and also offers to code the document to the right one – All very neat.

BUT

What if your filing requirements don’t match nicely with your Time & Fees analysis codes?  Insolvency (or Corporate Recovery as fashion dictates we now call it) typically uses a quite extensive filing structure, while simultaneously running a fairly simple Time & Fees design.  The demands of SIP9 are not that complicated, but insolvency files often are.    In these situations, CCH’s use of Time & Fees analysis to drive document filing can cause one or two challenges.

I have prepared a White Paper that discusses two approaches for configuring CCH Document Management to successfully support the needs of a Corporate Recovery division alongside those of a general practice. It describes how the software will appear for users, how to configure the software, and highlights the relative advantages and disadvantages of the two approaches.

To download a free copy (PDF 1.2Mb) click the link below…

Implementing Insolvency Filing in CCH DM

Windows 8 – Using it for real

I’ve been playing with Windows 8 for a while now, and I recently installed the ‘Consumer Preview’ onto my day-to-day laptop.

A lot of Windows 8 is based on Windows 7.  This is not a bad thing, and Windows 7 is the best Operating System Microsoft have ever produced.  Windows 8 has the SAME hardware demands as Windows 7, along with some enhancements to, for example, make it boot up even faster.  My four-year old laptop starts up in HALF the time it did with Windows 7.

The biggest change, is, of course, the new ‘Start Screen’.   This replaces the old start button & menu that has been sitting at the bottom left of our screens since Windows 95. The Start Screen is a sideways scrolling array of ’tiles’ of assorted colours.  Each tile is pretty much the same as the icons you have on your start menu.  If you click the ‘Microsoft Word’ tile, then Word will launch and appear just as it always has.    Microsoft are also encouraging the development of a new range of touch-compatible programs that will use the same look and feel as the Start Screen.

The Start Screen appears as soon as you log in to your computer, and can be called up in the same way as the old start menu (By clicking your mouse in the bottom-left corner of the screen, or by tapping the ‘Windows key’ on your keyboard).

With some extra development work, software suppliers can customise their program’s tiles to contain information – status updates, summary information, and so on.   The Start Screen then starts to become a constantly changing ‘dashboard’ as well as a menu.   Microsoft have created some simple programs to demonstrate this in action (showing my next Outlook appointment, and listing any unread emails, for example).

You can decide what tiles you want to see on your Start Screen, and how they are laid out.   Anything you don’t use (all those little utilities and configuration tools that clutter up the Windows start menu, for example) can be relegated to a hidden ‘All Apps’ screen that you never have to look at).

You can also organise your Start Screen into groups of tiles with a common theme.  I, for example, have created a ‘Work’ group and a ‘Personal’ group (as well as a third group  for ‘Stuff I don’t use very much’!

So – Instead of having a desktop with ‘shortcuts’ for your regularly used programs, documents, and web-sites – you create tiles instead – organising them into groups as appropriate.  On the ‘Work’ section of my Start Screen,  I have, for example, added a tile for AccountingWeb, and one that takes me to my ‘Clients’ folder.

If I start to type on the keyboard, Windows immediately starts to perform a search of all the items on my Start Screen.   So, if I want to launch Windows Calculator, for example, I only need type ‘cal’ and the screen instantly changes to display only those applications that have ‘cal’ in their name.

The Start Screen, then, is your computer’s Home Page and menu system rolled into one.   It has clearly been designed with touch-screens in mind, but in practice,  I’ve found few problems using mouse and keyboard on my laptop.

Where’s my desktop?

When you click on a tile to launch (for example) Microsoft Word – Windows 8 then reverts to more familiar territory.    Your programs appear much as they do in Windows 7.

You can have shortcuts and icons on your desktop, you can have multiple windows open, and you have the old taskbar at the bottom of the screen.   Using the computer for actual work, then, remains pretty much the same as before.   There is no ‘Start’ button in the bottom-left, however, as the start menu no longer exists.

Conclusion

There has been much discussion about the slightly schizophrenic nature of Windows 8.  On the one hand, you have this new finger-friendly Start Screen with its whizzy tiles, and yet most of the business software you will launch from that screen demands ‘old Windows’  desktop and keybaord and mouse to work properly.    So, what is Windows 8 really about?

Windows 8 is the first step in a move towards a new generation of touch-screen tablets that are also ‘proper’ computers.  It’s also a reaction to the success of the iPad.    A lot of the fancy features of the Start Screen are about competing with Apple for the HOME computing market – where simplicity and visual impact matter and where the idea of seeing your Facebook updates alongside slideshows of your holiday snaps is very powerful.    Imagine a Windows 8 touchscreen on the wall of your kitchen, with touchscreen access to email, family calendar, Facebook, Twitter, weather, photos, recipes, TV shows, etc.

In the business arena, the argument is less clear (for now).   Windows 8 will only really offer benefits with a new generation of computers that can act as both tablet AND desktop PC.   Taking the tablet out of its docking station to go to meetings or client visits (and using the touch screen) and then returning it to its dock when you get back to your desk and switch to a mouse and keyboard.  iPads are starting to make inroads into business life for note taking, email and reference on the move.  Windows 8 is Microsoft’s fightback.

Windows 8 really starts to come alive (and make sense) when used with a touch screen.   In short – If you have existing kit running older versions of Windows, I’m not convinced there is a business case for upgrading.  A few years from now, however,  the idea of being able to operate a single bit of kit as both tablet and desktop will be quite compelling.

Secondary Benefits of Document Management

I was recently asked by CCH and AccountingWeb to write up a discussion paper on the less obvious, second-tier benefits of Electronic Document Management – the stuff that doesn’t become apparent until a system (any system – not just CCH’s) has been in place for a little while.

Return On Investment is a commonplace mantra with technology offerings for business at the moment (as indeed it should).   The ROI of Document Management can be quite tricky to pin down at times, because the impact tends to happen in terms of lots of little advances and benefits – how do you quantify the  benefits of NOT losing a client file?

Anyway – you can access a copy of this White Paper at the CCH web-site.. here.

There was follow-up discussion on the subject on AccountingWeb here.

Singleview and Office 2007/2010

Singleview’s last major release was in mid-2007 – too late for MYOB to take account of the latest and greatest version of Microsoft Office.   It transpires (more by luck than judgement, it has to be said – although I should pay tribute to the heavily abstracted architecture created by James Cullingham for making this possible) that Singleview’s configuration can  be adjusted to provide support for Office 2007 and Office 2010.

I have created a knowledgebase document that describes the steps needed to alter Singleview in advance of any Office 2010 roll-out.  You can download this by clicking on the following link….

Singleview and Office 2007  (PDF, 1.2Mb).

Windows 8 – Why should we care?

This week – as the press has been reporting – Microsoft has released an early version of Windows 8.

Samsung Windows 8 Tablet

Much of the focus has been on the new ’tile-based’ interface that appears when you log in, and there is a temptation to see this as irrelevant for ‘proper work’.  But the overall trend (both social and technical) is in Microsoft’s favour – To use the old business/ice-hocky metaphor, they’re ‘skating to where the puck WILL be, not where it is’.

What are those trends?

Technical

1. Processor power is continuing to develop as quickly as ever
2. Battery technology continues to improve
3. Solid state storage (as opposed to hard disks) is getting cheaper, which has its own impact on battery life

Case in point : It’s been calculated that an iPhone 4 is more powerful than the room-filling CRAY-2 supercomputers of the 1980’s.  An iPad 2 would have been the world’s fastest computer right up until the mid 90’s.

Social

1. User expectations have been dramatically raised by the iPhone and iPad – people can see what is possible, and won’t tolerate poorly designed, over complex technology.  Apple has demonstrated that tablets can work.

2. Users are increasingly pressurising employers to allow them to use their own kit (And I see a LOT of partners with iPads now – all asking IT to make it link with the office email system).

With Windows 8, Microsoft are clearly trying to serve two masters – On the one hand: the Consumer, who wants an iPad-style device to read mail, access photos and other media, and as an all-purpose internet-linked organiser/notepad.  On the other hand: Enterprise customers, who need to work with more complex applications and require centralised management, security, and consistency (so they don’t have to spend vast sums on re-training).

There’s a gap there – Tablets are not suitable for running heavy duty content-creation applications, and the traditional PC/Laptop isn’t as convenient and accessible as a tablet.

Apple see that same gap  – Apple’s iOS is a mobile operating system – designed to deliver excellent performance on the mobile hardware of today, but excluding ‘desktop’ features that would compromise the overall product (Case in point – Flash is not supported on iOS because it’s so processor and battery hungry).   iOS exists because it’s not possible to build a full-power Mac into a portable solid-state tablet with fantastic battery life yet.

I suspect that Microsoft are looking towards a time when technology will advance to a point where it CAN deliver desktop performance in tablet-sized packages, and in that situation, why not have a “full-fat” desktop Operating System running an optional ‘mobile’ user-interface with the ability to switch between the two at will?

So…Five years from now (probably sooner)- Imagine a tablet running a touch-friendly iPad-type operating system. You use it to read a book or newspaper on the train, and you use it in meetings for note-taking and looking stuff up.  Back at your desk, you drop the tablet into a dock with a keyboard and mouse, swap to a more ‘traditional’ desktop, and launch Excel (or whatever). All on ONE device.  This machine doesn’t take 10 minutes to boot up, it takes seconds. It lasts two or three days before needing a recharge, it can store vast amounts of data (and integrated internet gives you access to the rest).   The current situation of tablet PLUS laptop is only a stopgap until tablets get faster.

I think THIS is what Microsoft sees – sometimes you’ll be holding Windows 8 in the crook of your arm, using a touch-screen – and sometimes you’ll be sitting at a desk using a mouse and keyboard.  And it’ll be a single device for both.

Douglas Adams – Still saying better than we ever could…

For complicated reasons I won’t dwell on – I found myself reading an article written by Douglas Adams more than a decade ago.

If you want an entertaining and frighteningly prescient discussion on the Internet, innovation, and its impact, then you’d be hard pressed to beat this…

How to Stop Worrying and Learn to Love the Internet

and… a brief extract which sets the tone…..

1) everything that’s already in the world when you’re born is just normal;

2) anything that gets invented between then and before you turn thirty is incredibly exciting and creative and with any luck you can make a career out of it;

3) anything that gets invented after you’re thirty is against the natural order of things and the beginning of the end of civilisation as we know it until it’s been around for about ten years when it gradually turns out to be alright really.

Apply this list to movies, rock music, word processors and mobile phones to work out how old you are.

Personal Email at Work

I’ve been asked several times recently about personal emails on work IT systems.

I’ve been doing a bit of work to assemble some information on the issue and cut through some of the assumptions that are made.

I should make it clear that I am not a lawyer, and that even if I was, I wouldn’t be your lawyer, so seek advice if you are unsure or feel that your circumstances are unusual.  This article is intended more as a common-sense guide to the main issues.  I should also make it clear that I am talking about the situation in the UK only.

There is a (mistaken) view in some quarters that – if an employee does something on a work computer then the employer ‘owns’ the data and therefore has an automatic right to read it. In Europe, there is clear case law (derived from article 8 of the European Convention on Human Rights) that allows an employee a degree of privacy – even when using company systems to send personal communication.   Especially if they haven’t been told that monitoring may take place (and therefore have a greater expectation of privacy that might lead them to be less cautious about what they say).

http://news.bbc.co.uk/1/hi/wales/6559873.stm

http://plc.practicallaw.com/1-369-8081

Needless to say – there are grey areas. There is no one single clear statute that sorts it all out for us!   Instead, you have to navigate the interactions of:

  • Human Rights Act 1998,
  • The Data Protection Act 1998,
  • The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000,
  • Regulation of Investigatory Powers Act 2000  (RIPA)

As an employer, you do NOT have an absolute right to read an employees personal emails.  In fact RIPA now actually makes it a criminal offence to intercept (i.e. read) emails without ‘lawful authority’ (Yes, even when you own the email system on which the communication is taking place).

‘Lawful authority’ in this case basically falls into two groups:

  1. The permission of the sender and recipient
  2. An assortment of specific activities such as prevention of crime, ensuring regulatory compliance, etc.

Note that the second group only appears to apply to business-related communications, so they are not a carte blanche to intercept personal emails – you’d need to be able to justify your actions.

http://plc.practicallaw.com/9-101-3059

In essense – if you want the option to intercept employees personal emails – you categorically need their permission – most likely in the form of a clause in their employment contract and/or a clearly worded ‘internet use policy’ that states that personal communications may be subject to monitoring.  In the absence of that permission, you will leave yourself open to legal action.

Conclusions
Decide, as a matter of principle, if you are happy for your staff to use the firm’s systems for personal communication at all.

Decide if this means they can use the firms email system, or if you prefer them to use personal email addresses via web-mail systems like Hotmail.  (Pro:dodgy personal emails aren’t emblazoned with your company’s name.  Con: Web mail won’t go through your central email filters, so it could be a source of viruses).

Once the decision has been taken to permit personal use – then it all comes down to the practical aspects of constructing the policy and communicating it to employees.  There are lots of examples out there, so I won’t go through the chapter and verse, but I will suggest a few points for consideration:

  • Clearly state that all messages in and out of the system MAY be subject to monitoring, and WHY (compliance, reputational risk to the firm, etc.)
  • Remind users that emails may be archived for extended periods of time on servers, backup tapes, and the like – even if they have been deleted from the user’s own desktop software.
  • Point out that using web-mail systems may result in some content being stored in temporary folders on desktop PC’s or on the firm’s internet firewall.  This could include logon information such as passwords.

At the end of the day, you need to make it clear that if your employees are THAT concerned about their privacy, then they shouldn’t use the firms IT systems.  They can then make informed decisions on the level of risk they are taking.

One approach I have seen recommended is to establish a clear protocol for personal messages – so that if, for example, you need to access an employees mail while they are away or off sick – you can distinguish work from personal without actually opening the message.   Ask employees to put ‘PERSONAL’ in the subject line of the email, for example, or get them to create rules in Outlook that move all incoming personal messages to a seperate folder.  You may want to also ask that staff use a different signature when composing personal emails (excluding mention of their job-title or other corporate branding).

As a final point:- if you do allow personal email traffic, then once it’s on your systems it becomes your responsibility to protect it under the Data Protection Act – make sure that access to staff emails is suitably protected so that the messages can be accessed only with a valid reason.

White Paper – “Retiring Singleview”

Good old Singleview – which has been around in one form or another for the best part of a decade – is now in ‘maintenance’.   This is another way of saying that it’s no longer being developed.   It’s not dead yet, as there are more than a hundred organisations using it every day, but CCH are starting to make noises about migration to their new product: CCH Document Management.

CCH have put a fair bit of effort into ensuring that most (but not all) of Singleview’s features are present in the new product.  Nevertheless, the new software is very different (visually and in terms of the underlying ‘ethos’).

I’ve prepared a free white paper that discusses the differences, and provides guidance on how to start planning for the inevitable.

White Paper – Moving from Singleview to CCH DM  (PDF – 2Mb)

CCH are pretty goood about support for old products – they don’t cut users off at the knees like some software providers.  Nevertheless, the product inevitably starts to age, and  it won’t be updated for future versions of Windows or SQL-Server, making it more troublesome to keep using.  CCH did release an update to resolve an issue with Outlook 2010, but this is going to be the exception rather than the rule in the future.

This white paper was written to compare the final version of Singleview (v4.40) and CCH Document Management v1.3.

The Internet is full! – The sky is falling!

There have been a few stories in the press recently to the effect that the internet is ‘nearly full’.   So – I thought I’d add my two penneth… with an almost completely jargon-free summary of the problem.

At the heart of the internet (and also your office network – unless it’s very old) is something called TCP/IP.  TCP/IP is the means by which computers talk to each other over a network.

With TCP/IP, every computer is assigned an ‘IP Address’.  In simple terms, it can be considered as your computer’s ‘phone number’.  Any computer that wants to talk to any other computer over a network needs this number before it can send any data.

An IP address isn’t a single monolithic number, but is structured into sections to contain what might be considered ‘area codes’ (to extend the telephone metaphor a bit further). An IP address looks something like this –192.168.25.105 (four numbers separated by dots – each of the four numbers can range from 1 to 255).

The design of the IP Address means that there are a total of 4,294,967,296 possible addresses, which probably sounded quite a lot when the thing was designed in 1981 by the US Defence department.

It turns out that it wasn’t nearly enough, and we’re now very close to running out.   What was not predicted was that the internet would become so all-pervasive that your mobile phone has an IP Address, your office printer has one, and your next washing machine, car, and even light switch will probably have them too.

Over the years, there have been various clever approaches to eke out the dwindling stock of numbers – The most successful being Network Address Translation (NAT) which means an office containing thousands of PC’s now only needs a single IP address on the internet (A bit like the way your single office phone number can service lots of telephone handsets in the building via the use of extension numbers – and the metaphor is now stretching to breaking point).

Computers need a bit more structure in their lives than humans, so we can’t just do what British Telecom does and muck about with area codes in random ways. BT splitting the London area codes from ‘01’ to ‘081’ and ‘071’ for example – was their (unsuccessful) solution to the same fundamental problem.

The answer, which has been in preparation for several years, is a whole new numbering system called IP version 6 (IPv6 for short). (The current system is IPv4, by the way – IPv5 was a specialised project that never really got off the ground).

An IPv6 address looks quite different from current four-part addresses.  It looks a bit like this:  2001:db8:1f70::999:de8:7648:6e8.

Because the IPv6 address is much bigger, it allows for many more addresses than IPv4.  In fact IPv6 provides for 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses – well beyond Billions and Trillions and into orders of magnitude that we don’t even have names for yet.

IPv6 has been around for a while, and most modern kit has been designed to be able to support it – Windows Vista and Windows 7 both have it built-in and installed as standard for example.  You only need to configure and activate it.   Windows XP got IPv6 support in Service Pack 1.

IPv6 also incorporates a whole range of technical changes – incorporating all of the lessons learned over the last couple of decades – to improve the efficiency, reliability, and security of Internet communication.

Why should I care?

At some point in the medium term, the internet will switch over to IPv6, and you WILL need to ensure your IT systems can cope with this change.

Will the sky fall in if I don’t do anything tomorrow?

No.  Most of the planet is in the same boat, so nobody’s going to do anything to rock that boat in the short term.

Will the sky fall in if I don’t do anything in the next year or so?

No.  As a small business, your ISP will eventually do most of the work and sort you out with an IPv6 address, and then do some old-to-new translation so your office network can still access the internet.

Will the sky fall in if I ignore the problem completely?

Ummmm.

Eventually – you may find yourself with a degrading internet connection – possibly even in a position where future clients won’t be able to find you on the Internet or connect to you.

What should I do?

Make sure that future purchases of network infrastructure (Hubs, Switches, Routers, etc) can support IPv6. The transition will be gradual – albeit inevitable.