Appian reengineers low-code platform for adaptability


Bobby Hellard

14 Sep, 2021

Workflow specialist Appian announced the latest version of its low-code automation service at its European conference on Tuesday. 

The refreshed Appian Low-Code Automation Platform promises to be faster and more efficient for building enterprise applications through advancements in low-code data and improvements to the user interface.

Appian hopes its new improved platform can make it easier for companies to access and transform their data with new services to sync, store and view it. In addition to new features that aim to improve automation, connected systems and application deployment. 

Ahead of the announcement, CEO Matt Calkins spoke to IT Pro about the improvements and how low-code has evolved over the course of the pandemic. 

«We went public as the first low-code firm in the world, back in 2017, and at that time, low code meant pretty much EPM or workflow,» Calkins said. «It was drawing instead of coding your application, but we have expanded it. In the years since then, we expanded downstream into automation.

«So you can now learn about the processes in your enterprise before you automate them. You can even translate the process mining map into a process model, and then edit it. So we’ve expanded both downstream and upstream from the original workflow centre of low code and now we believe that we’ve redefined what workflow needs to be to be viable in 2021.»

This new approach to workflow is about change and the need to be adaptable and change quickly has been «reordered» by the pandemic. According to Calkins. In response, Appian has made agility «imperative» and decided that it would make sense to gather a suite of products to make it as easy as possible to build a new app, a new process and to run that process. 

«We know how important it is now, to create change, to be empowered to change, and so we’re going to give you this platform that is the best possible way to define your new patterns and execute them. And we know that that’s what the market wants right now because they’re all desperate for ways to change for the better.» 

Intuit eyes SMBs with $12 billion Mailchimp acquisition


Keumars Afifi-Sabet

14 Sep, 2021

Intuit has agreed to purchase global customer engagement and marketing platform Mailchimp for $12 billion as it sets to cement its market position among small businesses.

Intuit and Mailchimp will combine their respective technologies to build an end-to-end customer growth and engagement platform for small and medium-sized businesses (SMBs), the company said. 

Founded in 2001, Mailchimp began offering email marketing services and has now evolved into a major name in customer engagement and marketing automation with AI-driven tools and services. Intuit, meanwhile, is most well known for its QuickBooks small business accounting software.

A unified platform between these two entities would allow customers to get their business online, market their business, manage customer relationships, benefit from analytics, get paid, access finance, optimise cash flow and remain compliant. This is alongside access to expertise the firm will provide in the form of a services offering.

Through this joint platform, SMBs can also combine customer data from Mailchimp and purchase data from QuickBooks to gain insights that can be used to grow their businesses.

“We’re focused on powering prosperity around the world for consumers and small businesses. Together, Mailchimp and QuickBooks will help solve small and mid-market businesses’ biggest barriers to growth, getting and retaining customers,” said Intuit CEO Sasan Goodarzi.

“Expanding our platform to be at the centre of small and mid-market business growth helps them overcome their most important financial challenges. Adding Mailchimp furthers our vision to provide an end-to-end customer growth platform to help our customers grow and run their businesses, putting the power of data in their hands to thrive.”

The firm has committed to another large-scale acquisition only months after completing its $8.1 billion purchase of Credit Karma, a startup with 110 million members. This firm offers financial services, including credit and loan comparison, alongside free credit score tracking. 

Intuit was mostly intrigued by the firm’s reach, according to Forbes, as it embarked on its vision to expand among smaller businesses.

The Mailchimp acquisition allows Intuit to build on these ambitions, given the company’s own global customer reach comprising 13 million users. Intuit will also benefit from taking over 2.2 million daily AI-driven predictions.

As part of its ambitions to target SMBs with a unified platform, the firm has embarked on an acquisition spree in recent years, also purchasing OneSaas in February and TradeGecko in August 2020.

Intuit expects the Mailchimp acquisition to close during the second quarter of the 2022 fiscal year, with the deal subject to standard regulatory hurdles.

Fuze deepens partnership with Microsoft Teams


Praharsha Anand

14 Sep, 2021

Web conferencing platform Fuze has extended its partnership with Microsoft to enhance Fuze for Teams.

Fuze for Microsoft Teams integrates Fuze Voice with Meetings, making it easy for users to call or meet from within their Microsoft ecosystem. In addition to Fuze Desktop, Web, and Mobile, Fuze for Teams is available across Teams environments.

According to the company, Fuze and Microsoft’s new strategic alliance will streamline workflows between Fuze and Teams. 

“Across the modern workforce, many employees must navigate between a range of communications platforms throughout their workday for internal and external meetings, including Microsoft Teams,” explained Fuze.

“The COVID-19 pandemic has accelerated this challenge for employees, as organizations now rely on a myriad of communication solutions to remain productive in a remote or hybrid work environment.”

The company said the software’s new features allow for improved flexibility and a consistent calling experience across enterprise communication channels. The firm also outlined three key capabilities.

Firstly, Fuze now offers flexible direct routing for users with any Teams license, an upgrade of critical importance to customers seeking to have all their communications occur inside Microsoft Teams. Fuze has also expanded click-to-connect functionality allows customers to use Microsoft Teams with Fuze Calling and Meetings at no additional cost.

Finally, enhanced add-on capabilities allow Teams users to access and control their voicemail, check call history, expand their contact list, and access the Fuze Contact Center agent tab regardless of the routing option.

Fuze president and CEO Rob Scudiere said: “At Fuze, we are committed to meeting users where they work, which means eliminating as many barriers as possible to efficient and productive workflows that meet all of today’s communications needs.”

“These integration updates provide users with a flexible and consistent communications experience across the Fuze and Microsoft Teams platforms while enabling users to mix-and-match Fuze for Teams solutions depending on their unique use case. This is an important step towards more productive and efficient communications across the enterprise.”

Lack of talent a «significant» barrier to emerging technologies


Bobby Hellard

14 Sep, 2021

lack of talent has been cited as the biggest barrier to the adoption of emerging technologies, according to a new Gartner survey. 

According to the analyst outfit’s ‘2021-2023 Emerging Technology Roadmap for Large Enterprises’ report, IT executives expect talent shortages to be a «significant» barrier to 64% of emerging technologies. 

The 2021-2023 survey provides a peer-based view of the adoption plans of over 100 emerging technologies from 437 IT global organisations in North America, EMEA and APAC over a 12- to 24-month-time period.

The availability of talent – or the perceived lack of it – was cited as the leading factor inhibiting adoption for six technology domains: compute infrastructure and platform services, network, security, digital workplace, IT automation and storage and database. For the same report in 2020, IT executives only saw a lack of talent as an issue for 4% of emerging technologies.  

This shortage is also cited as the main adoption risk factor for the majority of IT automation technologies (75%) and nearly half of digital workplace technologies (41%), according to Gartner’s report. 
 
«The ongoing push toward remote work and the acceleration of hiring plans in 2021 has exacerbated IT talent scarcity, especially for sourcing skills that enable cloud and edge, automation and continuous delivery,» said Yinuo Geng, research vice president at Gartner.
 
«As one example, of all the IT automation technologies profiled in the survey, only 20% of them have moved ahead in the adoption cycle since 2020. The issue of talent is to blame here.»

Infrastructure security is a significant priority for organisations, according to the report, with concerns over rising threats, particularly to endpoint devices in hybrid work environments. From 2020 to 2021, the number of security technologies in deployment rose dramatically, and 64% of respondents reported that they have either increased or are planning to increase investments in security technologies, up from just 31% the previous year.

WhatsApp activates end-to-end encrypted cloud backups


Keumars Afifi-Sabet

13 Sep, 2021

Facebook is launching end-to-end encryption protection for WhatsApp users who want to back up their chat histories to the cloud.

The firm has devised an entirely new system for encryption key storage that means end-to-end encrypted backups will be protected with a randomly generated 64-character encryption key. 

The firm’s two billion users will be able to benefit from this optional feature on their primary devices when it launches in the coming days.

“For years, in order to safeguard the privacy of people’s messages, WhatsApp has provided end-to-end encryption by default ​​so messages can be seen only by the sender and recipient, and no one in between,” said WhatsApp software engineer managers, Slavik Krassovsky and Gabriel Cadden. 

“Now, we’re planning to give people the option to protect their WhatsApp backups using end-to-end encryption as well.

“People can already back up their WhatsApp message history via cloud-based services like Google Drive and iCloud. WhatsApp does not have access to these backups, and they are secured by the individual cloud-based storage services. But now, if people choose to enable end-to-end encrypted (E2EE) backups once available, neither WhatsApp nor the backup service provider will be able to access their backup or their backup encryption key.”

All users can activate this method of backup to secure their accounts either with the key directly, or with a user password. If users choose a password, the key is stored in a Backup Key Vault that’s built on a component called a hardware security module (HSM). 

When the owner needs to access their backup, they can access it with the encryption key, or use their password to retrieve their key from the HSM-based vault. 

The vault enforces password verification and permanently disables the key after a number of failed attempts, however, meaning the backup will be lost forever. WhatsApp itself will only know that a key is being stored in the vault, and not what the key is. 

WhatsApp isn’t the first company to enforce end-to-end encrypted backups, with Apple enforcing encryption on iCloud backups.

However, the fact Facebook’s messaging service has expanded the level of encryption it uses on its service will likely anger law enforcement agencies across the world which have railed against the technology.

The Five Eyes nations of English-speaking countries, for example, have time after time asked for tech companies to water down or undermine the application of end-to-end encryption in their services. 

The group, for example, handed tech giants an ‘ultimatum’ in September 2018 to voluntarily insert a backdoor for law enforcement into their platforms. They have followed this up with repeated calls for a backdoor, and in October 2020, again, urged companies to implement a backdoor by-design into their services.

Are you over-sharing online?


Nik Rawlinson

28 Sep, 2021

You might think you’re being careful about what post on Facebook, Twitter and LinkedIn – but over time your accumulated posts will inevitably build up a picture of who you are. That could include where you reside, what you do for a living, your childhood, your family composition, your birthday and more. All of which would be valuable information to a potential identity thief.

As an example, let’s say you post a picture of your child blowing out candles on a cake. Unless the metadata has been stripped first, you’ve probably also shared the date on which the picture was taken. If your child is young, it’s unlikely they waited until the weekend to celebrate, so there’s a good chance the date it was taken was their birthday itself, even if you didn’t post it until a few days later. If there are three candles on the cake, or a card with a number on it, that’s the other half of the equation: anyone seeing your post now knows exactly when your child was born. If you’ve used their birthday – or part of it – in a password or security question, that’s a chink in your digital armour right there, ripe for exploitation.

That’s not the worst of it. If you took the picture on your phone, the exact GPS coordinates of the place where it was taken could be embedded into the image file. That’s probably your home address, so anyone who sees the picture now knows exactly where to find that nice painting hanging in the background. If you’re a married woman and your friends list includes family members, it won’t be hard to deduce your maiden name – another common security question.

The list goes on. Photos of your first car, connections to school friends… every seemingly innocuous detail makes you more vulnerable to exploits and scams. And now consider the data you’ve scattered outside of social networks – CVs uploaded to job sites, links stored in a cloud-based bookmarking tool, ads you’ve clicked on, the emails you’ve received in a webmail inbox and the places you’ve been with your phone in your pocket.

Whether this data has escaped through over-sharing or been collected without your noticing, you can never get rid of it all. But you can shrink it down – and the obvious place to start is social media.

Shrink your Facebook footprint

Facebook is currently involved in a dispute with Apple over what information it’s able to collect about users – but if you’ve ever used the platform then there’s no doubt that it already knows plenty about you.

To find out what information Facebook is holding, log in through a browser and click the down arrow in the top-right corner. Click “Settings & privacy”, followed by Settings. Select “Your Facebook information” in the sidebar, then “Download your information”. Leave the default settings as they are and click “Create file”. It will take a short while for Facebook to collect the relevant information. When it’s finished, you’ll be able to download a ZIP file, whose contents you can peruse to see what’s stored against your name on Facebook’s servers. Armed with this data, you can decide what stays – and what should be removed.

Deleting content from Facebook is surprisingly easy, especially if you use the Manage Activity tool; this lets you remove batches of information at a time, rather than just individual items. The catch is, it’s currently only available in the Facebook mobile app. To access it, tap the menu button on the toolbar, then hit “Settings & privacy”, followed by Settings. Now select “Activity log”; to remove individual entries, tap the three dots on the right of the screen beside each one. To delete several entries at once, tap “Manage activity” and pick whether you want to manage posts, activity you’re tagged in or interactions such as likes, reactions and comments.

Whichever you choose, Facebook will pull up a list of the ten most recent data points, and scrolling down the screen will extend the list. Tap the box beside each item you want to remove, or tap the box at the top of the list to select everything that’s shown on the page (you might want to scroll down to extend the list a few times). Finally, tap the remove or recycle button – depending on what you’re deleting – at the bottom of the screen.

You can also delete content through a browser – it’s just more time consuming. Log in and click the down arrow at the top of the screen, followed by “Settings and privacy” and Settings. Click “Your Facebook information”, followed by “Activity log”. As you hover over each item in the sidebar, three dots will appear on top of it, allowing you to unlike things you have liked or move content you’ve posted to the archive or recycle bin.

While these functions let you manage your publicly accessible content, you should be aware that Facebook also collects data to make internal decisions about what to show you. To review this, select “Privacy shortcuts” from the “Settings & privacy” menu and then “Review your ad preferences” (in the “Ad preferences” box) or “Manage your information” (in the “Your Facebook information” box).

If you’re reviewing your ad preferences, click “Ad settings” in the sidebar and work your way through each of the sections in the “Manage data used to show you ads” section. Some of the settings you’ll find here let you prevent advertisers from reaching you on third-party websites based on your Facebook data, while others let you see the content categories Facebook thinks you’re interested in.

This latter information can be quite eye-opening. It’s not always spot-on: I discovered that I was being targeted for content related to Assassin’s Creed, yet I haven’t played a computer game in more than 20 years (not even for career development). For the most part, though, the list was scarily accurate – it even knew the brand of watch I wear. There are links on the page that let you remove any categories that don’t apply, or which you’d simply prefer Facebook not to use for targeting.

If you want to get off Facebook altogether, the “Manage your information” section provides links to delete your data and close your account. If you’re hesitant about leaving the platform because you don’t want to lose touch with friends or family members who are using Facebook Messenger, there’s good news; it is possible to continue using Messenger for instant messages even after deactivating your main Facebook account.

If you decide to take the plunge, point your browser at Facebook’s account deactivation page, enter your password, complete the form and click Deactivate.

Instagram

You might imagine that Facebook-owned Instagram would offer similar levels of control over your content. Sadly, that’s not the case: you can discover a lot about the metrics that are used to determine what you’re shown in the app, but you can’t always correct or delete any incorrect inferences.

To see what Instagram thinks of you, open the app and tap your icon at the end of the toolbar, followed by the three lines at the top of the next page. Tap Settings followed by “Ads | Ad topics” and untick subjects that don’t interest you. If you tap into Security, rather than Ads, and hit “Access data”, you can see your apparent interests in blocks by selecting “View all” under “Ad interests” – but you can’t delete items recorded here.

What you can do is flag unwanted adverts individually. Tap the three dots above them in your feed then tap “Hide ad”. You can specify whether the ad is irrelevant, shown too often or inappropriate.

Shrink your Twitter footprint

Last year Twitter was hit by an embarrassing security breach that gave hackers access to numerous high-profile accounts, exposing all sorts of personal information associated with those accounts.

What information is Twitter keeping about you? To find out, log in through a browser and click More in the sidebar, followed by “Settings and privacy”. As with Facebook, the information is provided as a bulk download: with “Your account” selected in the second sidebar, click “Download an archive of your data” in the third, and enter your password. Click the “Request archive” button and Twitter will compile a Zip file. It will send you an email when it’s ready for collection.

Once you know what kind of information is in the database, you can make more informed decisions going forward. There are also some specific settings that it’s worth looking at (all of the menu options mentioned below are found under the “Privacy and safety” section of Twitter’s settings).

If you want to restrict your tweets so they can be read only by people who actively follow you, click “Audience and tagging” and click the box beside “Protect your tweets”. While you’re in this section, you can optionally disable photo tagging too, which stops people identifying you in photos they post to their own profiles. Once you’ve protected your tweets, you’ll be asked to authorise any future follower requests, rather than allowing anyone who wishes to follow you do so.

A specific privacy issue that we mentioned earlier is the possibility of giving away your whereabouts. To prevent Twitter from reporting your location, click “Your tweets”, then “Add location information to your tweets”. Untick the box and, optionally, click the link to wipe location data from tweets you’ve posted in the past.

Again, like Facebook, Twitter builds up an internal profile of you that’s used to select ads and suggest content. You can review this and remove specific interests from your record as you wish. To do so, click “Content you see | Interests” and untick the box for each subject you’d rather not hear about.

As for items you’ve actively shared, it’s easy to delete individual tweets by clicking the three dots icon on each one and selecting “Delete tweet”. Twitter doesn’t provide any way to remove whole batches of posts, but a number of third-party services have sprung up to plug the gap – check out tweetdeleter.com, twitwipe.com, or tweeteraser.com. If that’s not good enough, you may choose to go the whole hog and delete your Twitter account.

Shrink your Google footprint

Google offers an extraordinary range of products and services, many of which collect a whole lot of personal information – either for publication or for internal usage. Fortunately, the company also provides a single centralised dashboard from which you can keep track of everything that’s being stored about you across Google’s numerous sites and apps. To access it, start by navigating to myaccount.google.com and logging in.

Once you’re authenticated, a good place to begin is Google’s Activity controls page. Here you’ll find options to turn off whole categories of data collection, including location data, data gathered by Google-owned websites and Chrome, and data collected by devices such as your phone and tablet.

You can also limit what information is collected and used by YouTube: this will probably cause you to receive less relevant video recommendations, but you may not consider that a great price to pay for enhanced privacy.

At the bottom of the page there’s a link to the advertising settings page. If you want to see random ads, rather than ones based on your behaviour, just click off the switch labelled “Ad personalisation”. This only affects advertising on Google sites, but if you visit the Your Online Choices website you can similarly turn off advert personalisation for dozens of different companies.

If you want to remove your own content from your Google account – such as contacts, calendars, Drive data, ebooks, Play store purchases and so forth – it’s a good idea to download an archive of your content in advance, just as with Facebook and Twitter, which you can do from the Account Dashboard. When you visit this page you’ll see a long list of all the Google services that your identity is connected to; to download data for any of these individual services, click the down arrow to expand it, then click the three dots at the bottom of its card, followed by “Download data”. Clicking the main “Download your data” link at the top of the page will download a complete archive of content from all the various services.

Bear in mind that this page only shows information for the currently logged-in Google account. If you have multiple accounts – one for work and a personal account, for instance – you’ll need to repeat this process for each one. You can keep track of which identity you’re using by checking the account image at the top right of the dashboard pages.

Shrink your Microsoft footprint

Like Google, Microsoft has helpfully centralised a lot of its privacy settings in a unified dashboard. You can download a copy of your activity by clicking “Download your data”, followed by “Create new archive”. The file that’s delivered will include things like your search and location history and other personal information, but it won’t include data generated in applications such as Office Online or the Outlook calendar. To download those items, you’ll need to go into each product and manually make a copy of whatever you want to keep.

One information repository that’s of particular interest is what’s known as Cortana’s Notebook. Microsoft is scaling back Cortana as a general-purpose voice assistant, but since its introduction 

 which is where Cortana keeps track of things it’s learned about you, to help it provide relevant answers to any questions. You’ll find a link to this at the top of the Privacy page, with the data broken into sections covering topics such as your commute, weather preferences, news stories that interest you, stocks you’re tracking and so on. The more information Cortana has squirrelled away, the more effective it will be – but, if you’d rather wipe what it knows, click “Clear Cortana data” in the right-hand sidebar.

Like Facebook and Google, Microsoft also provides an easy way to opt out of so-called behavioural advertising, which by default serves up content based on what it knows about you. To do so, visit Microsoft’s Ad settings page and turn off all of the switches for personalisation.

Don’t forget to also check your privacy settings in Windows itself. Press Windows+I to open the Settings app and click Privacy, then use the switches to manage what the operating system can and can’t do. The standard settings allow the OS to show ads based on your interests and websites to access your language lists to provide locally relevant content, but these can be turned off at the flick of a switch. You can use the App permissions link at the left to block third-party apps from accessing information such as your location and account settings too.

Prevention is better than cure

The companies we’ve focused on above have huge databases of personal information, but don’t think your digital footprint stops there. It also extends to, for instance, the online supermarket that brings your groceries, the public library you use to download ebooks, your favourite digital magazine stores and anywhere you’ve ever saved your credit card details.

To audit and curate exactly what all of these services know about you can be a time-consuming business. However, it’s made a lot easier by services such as Rightly, which provides direct links to all manner of companies, with options to see what information they hold about you, to opt out of marketing or to request deletion.

It’s also important to realise that even if you take direct action, close your accounts and ask companies to scrub you from their databases, your information may still be out there somewhere. The things you publish online can find their way into an incalculable number of third-party services, without your ever knowing about it.

The only truly safe course of action, therefore, is never to publish anything that you might regret sharing in the future. If that’s not realistic, the next best option is to lock down any services you actively use from the very start, to prevent them from gathering personally identifiable information in the first place.

The great telephone switch-off


Barry Collins

21 Sep, 2021

The telephone network that we’ve relied on for decades is coming to an end. The UK’s public switched telephone network (PSTN) is being shut down in 2025, and traditional telephony products will stop being sold in as little as 18 months’ time.

The closure puts on notice everything from your home landline to the office phone system, from burglar alarms to traffic lights. They’ll all need to be migrated to digital technology within the next few years or they’ll stop working. ISDN lines are another casualty.

We’ve spoken to the person responsible for managing the switch-off and other industry experts to find out precisely what effect this will have on businesses – and why you need to start planning now for the great British switch-off.

What’s being switched off?

Although the switch-off hasn’t been widely publicised yet, there’s already some confusing, contradictory and wrong information being distributed about what’s being switched off, so let’s try and get to the bottom of it.

By far the most critical pieces of infrastructure to go are the phone lines. By 2025, every phone line in the country will be IP-based, instead of running over the traditional PSTN. That means the landline phone plugged into the wall will be redundant by 2025 (although some communications providers may offer workarounds, which we’ll come to).

The shutdown won’t only affect phone systems; it’s also going to affect any piece of tech that relies on a traditional phone line, including emergency phones in lifts, panic alarms, information displays, door-entry systems, CCTV and EPOS payment terminals.

“It’s a pretty big challenge,” says James Lilley, director of managed customer migrations at Openreach, who is overseeing the switch-off. “There are all sorts of what we call ‘economy special services’ that hang off that network,” he adds, referring to the devices fitted with telephone lines mentioned above. “They’re the ones that probably give us the biggest challenge in terms of migration and moving them over the coming years.”

Hanging up on the landline

Before we get onto that compendium of tech that hangs off the PSTN, let’s deal with telephones themselves. For home customers, James Lilley says that the providers currently supplying phone and internet services will deliver solutions to allow customers to keep using their existing handsets.

“What we’re seeing most communications providers do now is include analogue converters in their [internet] hubs,” he says. “So, you can take that same handset, and instead of plugging it into the wall, you plug it in the back of your router. Essentially, that will convert you to digital voice over the router.” Existing telephone numbers will be ported to a new VoIP system.

Business telephone systems, however, are a great deal more complicated than home landlines, and few companies have much expertise and experience in upgrading and managing them. After all, it’s perfectly likely that many small businesses had a PBX installed a decade or two ago and have barely touched it since. Some telephone systems will still be based on ISDN lines, which are also facing the chop in 2025.

Research conducted by Zen Internet shows that 72% of businesses are reliant on traditional telephony, more so in large enterprises. Yet the research also found that a third of SMEs were unaware of the future switch-off, with 17% of large businesses still in the dark.

Alex Bloor, general manager at Andrews & Arnold (A&A), says that the PSTN switch-off is a good opportunity for businesses to take advantage of the benefits that IP telephony brings – indeed, most of his company’s customers already have. “Our customers are either businesses with phones on desks, in which case they typically want something designed for purpose – and there are some really great, fairly cheap VoIP handsets by companies like Snom,” he says.

“Or, we have customers who put one of our SIP2SIM cards in a mobile phone,” he adds. SIP2SIM basically allows a customer to insert a SIM card in any mobile phone (not even necessarily a smartphone) and have it work like an office phone that’s tied to your desk. When you call out from the phone, it appears with the firm’s geographical “landline” number.

Zen Internet’s Jon Perkins says the company has stopped selling traditional telephony products to business customers, and is focusing on helping them prepare for the switch. “We’re signalling what’s coming and when, and giving them solutions,” he says. “And we’re often taking a bit of a margin hit, so we’re investing ahead of time to avoid what could be a much bigger risk. There’s a [cost] incentive to move customers off traditional copper-based voice services onto digital.”

That incentive applies to the company’s customers too, says Perkins, with customers able to buy a chunk of call minutes much more cheaply than traditional phone tariffs. “You generally save a lot of money [on calls],” he says.

As for ISDN, that was already a diminishing force in businesses, and the events of the past 18 months have given it a further shove towards obsolescence. Perkins describes his company as “exhibit A” for such a migration, having moved from an ISDN call centre to a hosted VoIP platform when its 200 customer support staff suddenly had to start working from home. “Lots of other call centres and colleagues in the telecoms industry have shared the same experience,” he adds.

ISDN’s diminishing customer base means it will barely be a problem in 2025, but there’s one area where it’s stubbornly clinging to life, and that’s in the “specials” market such as bus shelters, traffic lights and other utility devices that are going to prove more stubborn to shift.

The long tail

This brings us to those hard-to-budge devices we mentioned earlier: the burglar alarms, lift phones, panic alarms, traffic lights and all those other devices that rely on an old-fashioned phone line to call home.

Openreach’s Lilley admits that this huge swathe of non-telephony devices is going to pose the biggest challenge, but measures are in place to ensure a smooth migration. “We’ve got people coming into the tent now from a lot of trade bodies, representing a lot of the industries that use this network – like the alarm industry, the water industry and some of the utilities,” he explains. “They’re increasingly working with us to make sure that they’re messaging out to their suppliers the need to make sure that their equipment is compatible with IP.”

Lilley admits that “there will come a point in time where we need to switch this network off and, if customers haven’t migrated, there will be some tough choices to make”.

“The key thing is when we look at the critical stuff like health pendants, for example… they’re the ones we really, really need to make sure as an industry that we’re identifying and having the right migration policies and support in place for in the coming years.”

Some industries are better prepared than others. Barry Forsyth owns alarms business InstallSmart and points out that his industry has already migrated many alarm systems to either cellular or IP-based systems. “If your alarm was fitted by an accredited installer, they should have been proactive and upgraded those systems to a different signalling path,” he says.

However, he acknowledges that there will still be instances where business owners have ignored messages urging them to upgrade, or where alarm fitters have gone out of business. He’s particularly concerned about fire alarms, as there could obviously be life-or-death implications if they’re not upgraded before PSTN is switched off.

At the same time, Forsyth warns consumers and businesses to be wary of alarm companies using the PSTN switch-off as an excuse to sell an entire new alarm system when only the control box needs replacing. “I can’t think of a product that wouldn’t be upgradable [to cellular or IP signalling],” he says.

One solution for many products still relying on PSTN is similar to what will happen with domestic phone lines – an analogue telephone adapter (ATA) will be used to connect them to the digital network. “I suspect we’ll see a lot of emergency panic-button pendants hastily plugged into ATAs with weeks to spare until the deadline in 2025, and some will work and some might not,” says A&A’s Alex Bloor.

Inevitably, there will be some legacy products that haven’t been upgraded when the switch is finally flicked in 2025. “I strongly suspect there will be cases when someone gets trapped in a lift and stuck there all night… or when an old person trips over and presses the button, and nothing happens,” says Bloor.

“We may well hear some of these stories, but on the other hand, I wouldn’t use that as a stick to beat up BT with. Ultimately, we all knew that the days of PSTN were numbered when VoIP really started to take hold. It’s just one of those things. It’s been a hundred years, for goodness’ sake!

Five minutes with… Petr Janda, Pleo CTO


Adam Shepherd

14 Sep, 2021

Data is transforming virtually every industry, but arguably it’s the financial services sector that’s most heavily invested in building data-driven decision-making into its processes. For business expense management platform Pleo that’s a core strategy, and it informs much of the company’s IT investment. 

There’s a lot of investment to inform, too. The company recently broke records with a $150 million Series C funding round, the biggest in the history of its native Denmark. We asked CTO Petr Janda why data is such a priority for Pleo, and what challenges the organisation is hoping to overcome with it. 

What does your core infrastructure currently look like?

We’re leaning into a multi-cloud strategy. What that means is that we have a combination of different vendors: our core operation systems are running in Amazon Web Services, and we complement this with a data ecosystem from Google Cloud, so we’re operating across the two.

When it comes to going a step deeper, we’re staying away from bare metal, or even virtual machines: everything we deploy is containerised and managed by Kubernetes, which is standardised across all the back-end systems. That means that we offload a lot of management of the system onto cloud providers, and focus a lot more on the individual pieces of code we ship into them

On top of that, we’re very keen to make sure that we offload management of state. Anything that stores data, we ideally don’t want to host ourselves, even within our clusters. We make use of the solutions the cloud vendors have for us, be it managed Postgres databases or Google’s BigQuery. If something bad happens, we hope that these big tech companies with thousands of engineers should be able to solve it very quickly.

What’s your biggest priority within the business?

It’s the same as everyone else in the C-suite: we all focus on the customer, and how we can solve for them. For me, it’s about how we build a technology organisation that’s able to ship solutions and put products in front of the customer at a healthy pace. What I mean by that is, we can innovate as a company this year, but we have to be able to keep up a similar pace in a year or two, or three years from now. 

This, of course, is not trivial. If we focus too much on today’s world, we might be making things harder for the future. On the other hand, if you optimise too much for the future, you might be over-investing in areas where it’s not necessarily needed. We try to find a good rhythm, of innovating our current products whilst also building a long-term platform or infrastructure. At the core of that is balancing technology investments: I spend a lot of time focusing on how we design the organisation, and choosing the right initiatives to maintain this ability.

Which piece of technology would you say is most critical to achieving this?

I don’t think there’s a single piece which allows us to do that. It’s almost like, how does this system holistically work? How can we design a portfolio of services and a platform which allows us to build these products on top of that?

I guess one way to look at it is that, because we’re a financial institution, there’s quite a lot we have to do just to get the product in front of our customer. On one side, you have the parts of the platform that deliver the experience to the user, from the mobile app to a variety of web interfaces. But behind the scenes there is also a lot of infrastructure that has to integrate with the wider payment ecosystem, so we can effectively move money.

And behind all that there are additional building blocks: we have to comply with all the regulations, which are getting stricter as we go, and can differ across different markets. So there’s a lot of technology solutions and integrations we have to do to empower that. None of these pieces are crucial in isolation; solving in all these different levels is what allows us to innovate.

Do you have any preferred technology vendors that you especially invest in?

Enfuce is our payment processing provider – essentially our integration point between Pleo and the card networks, which is, of course, a central part of what we do. For anything else, we go in with an open mind. You can almost always find a solution from Amazon and Google – they have such a vast portfolio of products, servicing a very broad range of use cases. But we might also try to find more specialised vendors who have a deeper focus on the particular problem.

In a sense, we don’t really have a preference. We look at it as, okay, this is a problem, we need to solve it. Who are companies who play really well in this field? And how can we leverage that to push the product forward?

What’s the biggest IT challenge you’re currently facing?

Almost every company goes through a journey. When you’re an early-stage startup founder with, let’s say, a team of 10-15 engineers, you can get the sense of everything and manage that team as one. But as you scale beyond that point, you have to start to organise it more, and break it into smaller teams, which ship on a variety of different work streams.

That’s what Pleo has done. We have our portfolio of products, which we’re releasing to the market, and about 80 engineers, working across a number of teams. We’re now thinking more about how we can essentially create a platform on top of which all these things work.

One way you can look at it, of course, is the cloud infrastructure provided by Amazon and Google, and a layer of management on top of that, which we’ve already built inside of our team. But what I’m especially looking into is, how can we layer more reusable services on top of that, so they’re available to any team out there building Pleo’s applications?

What I see as the biggest challenge is that there’s about 13 teams running really fast, iterating and shipping to the market, and we kind of want to slot this platform under all of them as we go. There is no “let’s stop for six months, do this and then continue”. We want to find good initiatives, good technology solutions and good projects to take us towards that vision, while continuing to ship at a very fast pace, all the time. That is a big challenge for me.

Which part of your IT estate are you proudest of?

It’s hard to pick, but one thing worth mentioning, is our compliance solution, which gained us recognition from by one of the banks in Denmark – Danske Bank, I believe.

Essentially, when we onboard customers we’re required to disclose quite a lot about the client, such as the ownership structure of companies. Many fintechs handle this through partnerships and integrations with external parties, and there are a lot of great solutions out there. But doing it this way locks you a little bit into their way of thinking, and shapes the experience you can have on top of it. 

Early in Pleo, it was decided that compliance would be a key piece of our in-house tech estate. We built our own system which connects to a number of company registries, and helps us to model the compliance process and requirements into the technology stack. This then lets us build a different experience when working with the company going through onboarding.

Essentially, the idea is to minimise the work and input needed from clients, and from our employees inside Pleo. We lean into the technology, promoting the image of a company with automated data systems behind the scenes. And we believe it’s paying off, with stronger and more productised onboarding journeys. It’s definitely something we’re very happy with.  

What’s the next big project you’re planning?

This platform is a little bit of a moving target. We draw inspiration from companies like Spotify and their Backstage product, which essentially looks like an app for engineering teams, allowing you to spin up new services and infrastructure as needed. It almost feels like a product itself.

But if I had to point to one specific step we’re taking in this direction, it would probably be focusing on data. The organisation is growing very quickly, and without conscious effort we risk losing track of what is going on in the company, and how the different corners of the company relate to each other.

We see our data as the key to solving that. Data helps us to convey context from one side of the organisation to the other. We have a number of teams interacting with the customer on their journey to Pleo – from marketing, sales and customer success to the product and support teams – and we really want them to have a singular view of the customer, to provide the right data points to the relevant teams as they are interacting with the customer.

I see that as part of this overall platform – a big building block which is essentially our data ecosystem. We’re adopting this trend of a modern data stack, which essentially means building a platform which is provided as infrastructure to the rest of the organisation. The goal is to enable everyone to ingest data to the central data warehouse, which makes it interoperable, and there’s a number of discovery and quality aspects we’ve built on top of that. We basically allow a group of analysts to model the business and then distribute data back to different corners of the organisation.

If we nail this platform our teams will be able to work in a much more unified way, because they can look at the data and understand where this customer is coming from. “What just happened for them 30 seconds ago within the product, and how can I help them?”

Are you a Windows, Mac or Linux user?

My computer at home is a Mac, and I interact with Linux on our servers in one way or another. I’m trying to remember when I last used Windows… it’s probably 15 years ago, which I guess gives you the answer.

In the last ten years, what technology has made the biggest impact on the IT industry, and why?

I recall a time when I was building some systems for a customer, and I had to open an FTP terminal and move the files to the server. Looking back, it wasn’t the greatest experience. When I think of what we do today, shipping very large and complex systems relatively easily, I see it all as a massive journey. We have everything we need literally at our fingertips, and it’s powering innovation, because any company who adopts these cloud solutions has an almost endlessly scalable environment in which to operate.

If I dive one step deeper, I’m very passionate about data systems. Our cloud data warehouse, first starting with Redshift on AWS and later being pushed forward with BigQuery, feels almost like magic: I throw a lot of data in, and I start querying, and there are no indexes, no management of “how do I start today?”

I see data as the next wave, pushing the boundary of how much easier it’s becoming for companies to work without large teams of data engineers and custom pipelines between tools. That ecosystem is growing really quickly. And if you combine the cloud itself with the data aspects of solutions that are built on top of that, it’s a very interesting playground where products can be built far faster than 10 years ago.

Oracle launches free cloud training


Danny Bradbury

9 Sep, 2021

Oracle is offering free worldwide training and certification in its Oracle Cloud Infrastructure. Learners now have free access to the company’s entire learning curriculum across all skill levels. 

The training catalog includes courses at all levels across a range of IT roles, the company said. It includes preparation courses and practice exams to prepare people for testing and gives learners access to live sessions and personalised feedback. Career resources will also help people to secure jobs with their Oracle Cloud Infrastructure skills. 

The online courses are available on demand in 13 languages. They include hands-on labs so learners can test their skills in a simulated production environment. 

While the cloud training is available at no cost indefinitely, there is a time limit on the free certification. Learners can only get certified from the Oracle University for free until December 31. 

Launched in 2016, Oracle Cloud Infrastructure is the company’s cloud computing service. It offers infrastructure, platform, and software as a service (SaaS) options. It also offers Oracle Data Cloud, which offers analytics services. 

The company’s cloud service hasn’t seen the same traction as its competitors. Gartner placed the company in the “niche players” section of its latest public cloud infrastructure magic quadrant behind Alibaba Cloud. Google, Microsoft, and Amazon Web Services sat in the “leaders”’ section. Synergy Research Group placed the company eighth in market share terms based on its Q2 2021 research.

Oracle also lost its bid for the Pentagon’s since-disbanded JEDI cloud computing contract. 

Last year, German company Union Asset Management AG sued the software giant for allegedly misleading the market on its cloud revenues and bullying customers into cloud migrations with a strategy called Audit, Bargain, Close. 

This isn’t the first time Oracle has run free training. It also offered free Oracle cloud courses in spring 2020. 

Azure Container Instances users urged to ​​revoke privileged credentials after flaw discovery


Sabina Weston

9 Sep, 2021

Microsoft’s security team has urged Azure Container Instances (ACI) users to revoke any privileged credentials deployed to the platform prior to 31 August.

The advice comes as Palo Alto Networks discovered a vulnerability, which has since been fixed, within ACI which made it possible for hackers to ​​obtain user data.

Dubbed Azurescape, due to the escape method being uncovered in Microsoft’s Azure container as a service (CaaS) platform, said a spokesperson for Palo Alto Networks.

“This type of cross-account takeover represents a new attack vector that hackers can use to target cloud services. We expect that more vulnerabilities will be discovered that enable cross-account takeover,” the spokesperson told IT Pro.

Azurescape was discovered by Unit 42 researcher Yuval Avrahami, who reported it to Microsoft and was awarded “two bug bounties” for an undisclosed amount.

No evidence was found suggesting that the flaw was exploited, according to the Microsoft Security Response Center team.

“There is no indication any customer data was accessed due to this vulnerability. Out of an abundance of caution, notifications were sent to customers potentially affected by the researcher activities, advising they revoke any privileged credential that were deployed to the platform before August 31, 2021,” they stated.

However, lack of evidence doesn’t exclude the chances that a data breach happened. Microsoft didn’t confirm whether it was confident no data had been accessed, according to Reuters.

The tech giant told ACI customers that if they hadn’t been notified, “no action is required”.

“If you are unsure whether your subscription or organisation has received a notification, please contact Azure Support. If you have any concerns, rotating privileged credentials is a good periodic security practice and would be an effective precautionary measure,” it added.

The advisory comes weeks after thousands of its Azure customers had their main databases compromised. Affected customers included some of the world’s largest companies, according to cyber security researcher Wiz, and was dubbed “the worst cloud vulnerability you can imagine”.

Microsoft had since fixed the vulnerability, at the time saying that there was no evidence the flaw had been exploited. The tech giant had reportedly agreed to pay the security researchers $40,000 for finding the flaw and reporting it.