IBM unveils next-gen Power10 server for hybrid cloud


Bobby Hellard

8 Sep, 2021

IBM has announced a new Power E1080 server, the first in a new family of servers based on its 7nm-developed Power10 processor that has been specifically designed for hybrid cloud environments.

The IBM E1080 server has been engineered to be one of the most secure server platforms, according to IBM, with an architecture to help users operate a frictionless hybrid cloud experience across their IT infrastructure.  

“When we were designing the E1080, we had to be cognizant of how the pandemic was changing not only consumer behaviour, but also our customer’s behaviour and needs from their IT infrastructure,” said Dylan Boday, VP of product management for AI and hybrid cloud. 

“The E1080 is IBM’s first system designed from the silicon up for hybrid cloud environments, a system tailor-built to serve as the foundation for our vision of a dynamic and secure, frictionless hybrid cloud experience.”

The E1080 has several “key” features, which includes by-the-minute metering of Red Hat OpenShift and Red Hat Enterprise Linux with architectural consistency and cloud-like flexibility across the entire hybrid cloud environment.

There are also hardware-driven performance improvements that deliver up to 50% more performance and scalability than its predecessor the IBM Power E980, according to IBM. 

It also features new security tools, such as transparent memory encryption that requires no additional management setup, a robust ecosystem of ISVs, business partners and security software for every level of system stack. IBM is also launching a tiered “Power Expert Care” service to help clients as they protect their systems against the latest cyber security threats.

“Our collaboration with IBM on Power10 will serve as a continuation of this commitment to support a broad range of architectures,” said Stefanie Chiras, senior vice president of Red Hat’s platforms business group.

“As an architectural foundation for Red Hat Enterprise Linux and Red Hat OpenShift deployments on-premises metering, IBM Power will offer the scale and flexibility to help customers realise the benefits of open hybrid cloud.”

Automated hiring systems are rejecting qualified candidates


Zach Marzouk

7 Sep, 2021

Automated hiring systems filter out qualified high skilled workers, according to a Harvard Business School report focused on how leaders can improve hiring practices to uncover missed talent pools and close skills gaps. 

Researchers found that inflexibly configured automated recruiting systems, which are “designed to maximize the efficiency of the process”, tend to hone in on candidates using very specific parameters to minimise the number of applicants that are actively considered by an organisation.

“For example, most use proxies (such as a college degree or possession of precisely described skills) for attributes such as skills, work ethic, and self-efficacy,” researchers stated in the report. “Most also use a failure to meet certain criteria (such as a gap in full-time employment) as a basis for excluding a candidate from consideration irrespective of their other qualifications.”

As a result, this excludes from consideration viable candidates whose resumes do not match the criteria “but who could perform at a high level with training”. 88% of employers who took part in the survey agreed with this statement, admitting that qualified high skilled candidates are vetted out of the process as they don’t match the exact criteria established by the job description. The number rose to 94% in the case of “middle-skill” workers.

Researchers found that automated systems represent the “foundation of the hiring process” in the majority of organisations, with 90% of employers in the survey using automated systems to “initially filter or rank potential middle-skills (94%) and high-skills (92%) candidates”.

The report also found that the rapid pace of change in many occupations, driven in large part by advancing technologies, has made it “extremely difficult for workers to obtain relevant skills”. 

“The evolution in job content has outstripped the capacity of traditional skills providers, such as education systems and other workforce intermediaries, to adapt,” said the report, highlighting that to develop the capabilities employers seek increasingly requires the candidate to be employed.

To deal with these problems, the report recommended refreshing job descriptions, shifting from “negative” to “affirmative” filters in automated recruiting systems, establishing new metrics for evaluating talent acquisition, and enlisting a senior leader to champion, direct, and monitor the evolution of hiring and onboarding practices.

HBS’s global study included a survey of over 8,000 “hidden” workers, those who miss hours, unemployed and seeking work, or those who are not working or seeking employment but are willing to work under the right circumstances, as well as over 2,250 executives across the US, UK, and Germany. Researchers also found that the situation, although it has worsened over the pandemic, has been growing over recent decades.

“A single data point made the intractability of the problem apparent—just under half (44%) of middle-skill “hidden workers” reported that finding work was just as hard pre-COVID-19 as it was during our 2020 survey period,” stated the report.

How the cloud is helping Currensea create a more sustainable future


Sabina Weston

7 Sep, 2021

Many startups dream of the day they get their Big Break, but not all of them pause to consider whether they will actually be able to handle the rapid increase in demand for their services. 

For Currensea, their Big Break was delivered by their appearance on Channel Five’s long-running consumer technology series The Gadget Show.

“We didn’t know how this was going to play out,” recounts Craig Goulding, who co-founded Currensea in 2018 with fellow former JPMorgan employee James Lynn.

“When it aired, things went absolutely berzerk, traffic to our website and application went through the roof. We were issuing one card every six seconds – totally, utterly insane,” he tells Cloud Pro.

Sudden influxes of traffic, often prompted by media coverage, are not a daily occurrence for many companies. However, when they do happen, many websites cannot handle the demand and buckle up under pressure. This means that the company can miss out on new orders and – most importantly – profits. 

For Currensea, however, this moment was made possible by the elasticity and scalability of the cloud on which its website is built.

“The platform just handled that surge in volume,” says Goulding. He describes the appearance on the show, as well as the subsequent frenzy, as “an amazing experience” that was fully enabled by technology, allowing Currensea to sit back and reap the rewards. 

“One of the great things about the cloud is that you don’t have to worry about servers,” he tells Cloud Pro. “So you can concentrate on building and running applications and business logic, rather than having to worry about having to manage the infrastructure. Amazon Web Services just takes care of all that for you.”

Goulding adds that this was especially important for the small team of engineers that makes up Currensea, allowing them to focus on “building products and building differentiation, rather than having to worry about the kind of nuts and bolts of the service and goodness knows what”. The experience with The Gadget Show helped Goulding realise the importance of the ability to scale up and scale down on demand, especially when these kinds of peaks in traffic are rare. It also helps the company save money.

“If you’re not using it in the cloud then you’re not paying for it, so it’s a very flexible and adaptable model as well,” he says.

The cloud offers more than just peace of mind, though.

“Another huge benefit is just the number of tools they have in their environments, which you just point and click and configure, then you magically get them, which is incredible. Again, if you’re having to kind of build that up yourself, it would be a hugely conservative resource, so it’s just a massive accelerator for us,” he says. 

“Then you’ve got the resiliency as well. You’re spread across multiple data centers and everything kind of fares over if there’s any issues in one data center. So, you run a 24/7 operation with no downtime.”

Saving the oceans, one card at a time

The cloud has been hailed as a life-saver for many industries, especially during the COVID-19 pandemic. For Currensea, however, it’s allowing the challenger bank to channel all its attention into its environmental efforts.

While many banks are undergoing a digital transformation, offering a brighter and more convenient future, what actually lies ahead might be rather more bleak. Extreme weather, food shortages, and pollution are only the tip of the environmental iceberg, with the gradual melting of ice caps and rising sea levels threatening to submerge coastal cities such as Miami as early as 2050. All of these issues could impact everyone’s long-term plans – but could something as small as a bank card help reverse them?

Whether debit or credit, banking cards are most often made out of polyvinyl chloride, more commonly known by the initials PVC, which is notoriously difficult to recycle, usually ending up sitting in landfills for centuries to come. This has prompted Currensea to opt for biodegradable cards that, when disposed of, will take about a decade to decompose. However, the challenger bank’s environmental drive isn’t limited to cards only: Earlier in 2021, the company launched a new feature that enables customers to contribute to cleansing the oceans of plastic waste every time they spend money abroad, with a pledge to remove 2.5 times the amount of plastic they produce every year.

“For each card that we’re producing, we’re also extracting plastic from the oceans – more plastic than we’re actually introducing to the world,” explains Goulding.

When asked about the problem of greenwashing – companies branding themselves as sustainable for marketing purposes, with limited positive impact for the environment – Goulding says he is “very conscious of that”.

“You either do it properly, or you don’t do it at all,” he says.

TechUK subsidiary extends digital training initiative to tackle skills shortage


Bobby Hellard

7 Sep, 2021

Employer-led training firm, TechSkills, has announced an extension of its Tech Industry Gold accreditation to help tackle the tech industry’s digital skills shortage. 

The training body is a subsidiary of lobby group techUK and its Gold certificates acknowledge intensive digital training programmes that offer “high-quality” pathways into the digital industry. 

The credentials make it easy for employers to understand the skillsets of individuals and match them to job vacancies, according to TechSkills.

Learners themselves can choose Tech Industry Gold accredited programmes and be confident in the relevance of their training for their next career move. It includes an award (Tech Industry Gold Digital Credentials) which proves job-ready skills in a form that is easy to understand and portable across companies, sectors and geographies.

“As the chair of the Tech Industry Gold Steering Group, and on behalf of the TechSkills Employer Board, I am delighted with the extension of Tech Industry Gold accreditation into intensive training programmes,” said Colin Bannister, VP of solution engineering at VMware EMEA.  

“This will make it easier for individuals to choose high-quality pathways into tech, and Tech Industry Gold Credentials will make it easier to secure employment and progress careers. I believe this will make a real contribution to strengthening the talent pipeline and helping individuals realise their potential in our fast-growing digital economy.”

Professional services organisation FDM Group is the first company to achieve ‘Training Programme accreditation’. The company’s Business Analysis training programme has been recognised for its quality and relevance in preparing learners for employment in entry level Business Analysis roles.

“We are very proud to join the Tech Industry Gold community as the first company to achieve industry accreditation for training programmes,” said Rod Flavell, CEO, FDM Group.

“Our people come from all walks of life and all backgrounds, and we want to give each person the best possible start to their career. Ensuring our programmes are independently reviewed and approved helps us to continually deliver the very highest standards of training, focused on job readiness for our employees and value for our clients. 

“These are exciting times for FDM Group. We have big ambitions to increase our new hires this year and help build the tech careers for a whole new generation of candidates.”

US officials warn of “mass exploitation” of Atlassian Confluence flaw


Keumars Afifi-Sabet

7 Sep, 2021

Hackers are exploiting a vulnerability in the on-premise Atlassian Confluence workplace collaboration platform on a massive scale, with businesses urged to patch their systems without delay.

US Cyber Command issued a public notice just before the weekend warning that mass exploitation of the remote code execution flaw tracked as CVE-2021-26084 is “ongoing and expected to accelerate”. 

“Please patch immediately if you haven’t already,” the notice added. “This cannot wait until after the weekend.”

Confluence is a workplace collaboration platform that allows teams to work together remotely on projects or ideas. 

The vulnerability, which is embedded in the Atlassian Confluence Server and Confluence Data Center products, can allow an unauthorised attacker to execute arbitrary code on either of the affected platforms. 

Confluence Cloud, which is hosted on public cloud environments, isn’t affected by the flaw. Rather, the on-premises versions of the product are those susceptible to exploitation.

It’s rated 9.8 on the CVSS threat severity scale out of ten, suggesting it’s highly exploitable. The firm had never publicly revealed the precise exploit mechanisms, though, beyond describing the flaw as a Confluence Server Webwork OGNL injection. This was presumably to avoid fuelling any future attacks before businesses had a chance to apply the fix. 

Atlassian disclosed this vulnerability a couple of weeks ago and urged businesses to patch their systems at the time. However, cyber criminals from around the world have since been detected as scanning for vulnerable systems and launching attacks.

The threat intelligence firm Bad Packets, for example, detected mass scanning and exploit activity from hosts in a number of regions including China and Brazil earlier last week.  

Atlassian previously addressed a serious vulnerability in its system that could allow hackers to compromise user accounts, and control several apps that users can access seamlessly through a single sign-on (SSO) feature.

This latest vulnerability in Confluence is just one of many serious vulnerabilities that have been exploited during 2021, with the rate of successfully abused zero-days surging over the last few months. 

The benefits of Bare-Metal-as-a-Service for fintech


Sponsored content

3 Sep, 2021

It is expected that, by the end of 2025, the global fintech market will grow to $125 billion. But the development and maintenance of a good app comes with challenges. What technologies should you choose? How much will it cost to maintain? And crucially, what hardware should a fintech project choose?

For the growing needs of high-capacity financial calculations, there’s almost no alternative to dedicated servers. Add to that the speed, flexibility and affordability of the as-a-Service format, and you’ll get a high-quality solution for all the infrastructural needs of your business: a public cloud with bare metal servers.

What is a bare metal server?

A bare metal server is a physical server rented by the client. The hardware is available as is – the user gets a clean system, with no pre-installed OS, and is in full control.

If you’re the sole lessee of a server, you have full control over all its resources. You can install anything on it and set it up any way you want, like your own desktop. You want to deploy your own virtual machines? Feel free to do that. You want to use the entire node for a single project? No problem.

Why is bare metal a good fit for fintech?

Dedicated servers are a better fit for resource-heavy apps. In the world of financial services, there’s a lot of transactions going on. Virtual machines are not the best choice for such an environment, since the “virtualisation tax” prevents you from using 100% of their capacity. Another issue is the distribution of the platform’s resources between users – when one of them uses too much of the server’s capacity, their neighbours pay for it.

Unlike virtual machines, dedicated nodes are better at coping with resource-heavy tasks. According to research, when performing tasks that require high processing speed, virtual machines lose up to 17% of capacity compared to bare metal servers. This is because bare metal users have full access to the server and can single-handedly use all its computational resources. This approach allows the organisation of a more productive platform to receive, process and store financial app data.

Why the Bare-Metal-as-a-Service model?

Bare metal solutions are often harder to order than a virtual machine, and you must wait longer for the server to be prepared for operation. Another issue is the management of the disparate infrastructure of dedicated servers, virtual machines and clouds when purchased from different providers.

G-Core Labs’ new offering, Bare-Metal-as-a-Service, solves these problems. With this service, a user can get a ready-for-use dedicated server as easily as a virtual one. Just select the right features, connect a private or public network, or several networks at once, and in a few minutes, the physical server will be ready for use.

Extra security is expected from fintech

To provide financial services on the EU and US markets, you need to be 100% confident that your app works securely and your infrastructure is reliable. If the PCI DSS standard is not met, a company may have to pay hefty fines.

That can be avoided by choosing a reliable provider. For example, with G-Core Labs, you can be confident about the high level of protection of the cardholder’s personal information in the cloud, which is particularly important for the financial sector and for any companies that work with acquiring. The G-Core Labs cloud has been certified under the PCI DSS 3.2.1 standard for storage, processing and transfer of payment card data. The certification has been confirmed after the yearly QSA audit run by the company Compliance Control Ltd.

To ensure even better data security, G-Core Labs dedicated server users can use the encryption technology Intel SGX, a set of processor instructions that an app can use to allocate private parts of code or data, ensuring extra protection from disclosure or modification.

Fintech app developers need full access to hardware

When working with high loads, you need maximum capacity, so it is crucial to be able to choose and set up all hardware components on your own.

For example, digital insurance creates a significant increase in policy administration speed and processing of hundreds of kinds of claims. Such apps help reduce the likelihood of insurance fraud. They can be anything from a simple website offering an insurance policy for a car rental to a complex CRM system, for which even the most powerful stock servers might not be enough.

In the G-Core Labs Bare-Metal-as-a-Service public cloud, all these tasks – configuration management, orchestration and the addition of new dedicated servers – can be automated through API to quickly scale the platform in accordance with the client’s resource needs. The data can be also stored on NVMe drives. Servers located in G-Core Labs data processing centres offer capacity and control so full as though they were located right in your office.

Latency should be minimal

Modern fintech apps need the servers to be as failure-proof and high-capacity as possible. Imagine you’re launching an instant loan service for small businesses. The first thing you need to ensure is efficient processing of credit requests and interaction between borrowers and loaners. The essence of this concept is very quick data processing, instant decision making and split-second responses.

Such solutions require high-bandwidth infrastructure. G-Core Labs has dedicated servers that provide this, located in reliable data Tier III and IV data servers in over 15 cities of the world.

Fintech apps need quick database access

Fintech apps, especially those with real-time bidding (RTB), often need quick access to user profiles and information about their access. Disintermediation is fintech’s most powerful weapon, but it has a lot of requirements.

For example, digital investment platforms allow beginner and pro investors to explore and use different financial assets. These solutions allow the users to get analytics data, which, in turn, allows them to increase the efficiency of their investments. The servers of such apps manage millions of operations simultaneously.

In the G-Core Labs cloud, you can use high-capacity NVM disks, and the processing power is ensured by Intel. In April 2021, the provider was one of the first in the world to start integrating 3rd gen Intel Xeon Scalable (Ice Lake) processors in the server infrastructure of its cloud services. This equipment allows fintech apps to quickly manage any tasks.

Cloud services pretty much emulate a local data-processing centre, with its high and predictable capacity. They are the perfect fit for the resource-heaviest tasks. Therefore, bare metal is the most useful for tasks like real-time transaction processing or analytics systems, without which a fintech app cannot be imagined. Bare-Metal-as-a-Service is the most realistic alternative to a private server for a fintech startup.

Discover more about Bare-Metal-as-a-Service with G-Core Labs

Google Calendar now gives greater insight into your workday


Justin Cupler

3 Sep, 2021

Google has announced a new Time Insights mode for its Calendar app that will show you how you spend your time, how many meetings you have, and who you spend most of your time working with. 

Google Calendar has become a powerhouse in the era of remote work, as it helps distributed teams better manage their schedules and share them across a group or company. Soon, it will offer even more with the new Time Insights mode that offers a deep dive into your daily doings.

Time Insights will give you a close look at the information that will help you better understand your day. It will show you your time breakdown, which displays your working hours and the various types of meetings you have. It will also give you insight into the time you spend in meetings, highlighting days and times especially heavy on meetings. 

Another key insight will be a look into who you are meeting with and the ability to “pin” key stakeholders to ensure you keep the lines of communication flowing. This feature will also highlight all your meetings involving a specific person if you hover over them in the Calendar app. 

All this information will only be visible to you — your manager will not have access to these insights — unless you give someone “manage time sharing access” permissions. 

Google began rolling out the new Time Insights update to admins on August 30, and it plans to complete admin distribution within 15 days. 

End users on Google’s Rapid Release track will start seeing Time Insights on September 6. Those on Google’s Scheduled Release track will see the rollout begin on September 20. Google expects to complete end-user distribution within 15 days of the initial release.

Google Calendar Time Insights will be available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Plus, and Nonprofits customers only. It will be visible on a computer only — the smartphone app will not gain the new feature. 

According to Google, Time Insights will be active by default, but admins can deactivate it at the domain/OU level. 

Microsoft announces new Spring Cloud offering on Azure


Simon Bisson

2 Sep, 2021

Today at SpringOne, Microsoft and VMware announced a new managed Spring Cloud service, Spring Cloud Enterprise running on Azure.

Building on the 2019 launch of Azure Spring Cloud, before Pivotal’s acquisition by VMware, it adds elements of VMware’s Tanzu with a focus on enterprise management. A private preview will be launching sometime later in 2021.

Azure Spring Cloud is designed to support running Spring Boot applications at scale, with Microsoft managing security updates, monitoring, and scaling, and it’s so far been a successful offering, with customers like Digital Realty and Swiss Re.

There’s a lot of experience with Spring, with many big enterprise users running thousands of applications that have yet to be moved to the cloud and with nearly 60% of Java developers using Spring. In order for them to start this transition, they need additional tooling to support running and modernising these existing applications.

By adding VMware Tanzu tools to the existing Spring Cloud service, Azure Spring Cloud Enterprise is intended to fill this gap, adding an extra tier to the existing Basic and Standard offerings. While the underlying Azure infrastructure remains much the same, the new service initially adds support for Tanzu’s Build, Application Configuration, and Service Registry services. Spring Cloud Gateway and Spring Cloud Data Flow are planned for future updates. These tools will make it easier for customers to automate container creation and operations with Buildpacks, simplifying moving on-premises applications to Azure.

Jean Atelsek from 451 Research notes that Microsoft’s intent to focus on Spring Boot applications running on managed Kubernetes is key: “It is a best-of-both-worlds proposition, enabling quick builds using sensible defaults and accelerators but also allowing companies to tailor software to fit into their IT environments.”

At the same time, Lara Greden from IDC points out the benefits of bundling: “By recognising the importance of a fully supported experience for developers and architecture teams and with a pricing scheme similar to the Kubernetes offerings, the companies have put a beneficial wrapper on an already valuable set of technical capabilities.”

The new service also includes expanded support, with VMware offering Spring Runtime support services on top of Microsoft’s existing Azure support offerings.

Amazon global hiring spree to add 55,000 new jobs


Keumars Afifi-Sabet

2 Sep, 2021

Amazon is set to add 55,000 new roles to its global workforce, growing the size of its tech and corporate teams by 20% from 275,000 to roughly 333,000.

The firm will make more than 40,000 full-time hires across its corporate and tech divisions in more than 220 locations in the US, alongside tens of thousands of hourly positions in its operations network.

These new jobs will come alongside roughly 15,000 additional full-time hires in countries such as India, Germany, and Japan, according to CEO Andy Jassy, speaking with Reuters.

These new opportunities come after the firm hired 50,000 new workers for full-time and part-time positions in its US-based fulfilment centres and delivery networks, and goes some way to meet Amazon’s pledge to hire 100,000 delivery and operations staff to cope with mid-pandemic demand.

The company previously claimed in May that it would create 10,000 jobs during 2021 in the UK, taking the British workforce to 55,000. These new jobs include roles in its corporate offices in London, Manchester, Edinburgh, and Cambridge, as well as engineering, software development, cloud computing, AI, and machine learning roles.

The 55,000 new positions will be in areas such as engineering, research science, and robotics, Jassy added. These will be newly-created jobs, as opposed to vacancies that have opened up due to existing staff stepping down.

Amazon also announced last year that it would invest $1.4 billion (roughly £1.1 billion) to create 3,500 jobs and open roughly 85,000 square metres of additional office space. These roles were being created for tech hubs in major US cities including Dallas, Detroit, Denver, New York, Phoenix, and San Diego.

Although the firm has generally favoured a full office return, it’s been forced to row back its plans following the recent surge in COVID-19 cases. Its workforce has been offered the chance to spend three days per week in its offices from 2022.

Amazon has announced its hiring spree alongside a careers programme designed to give its workers career coaching sessions and guidance.

A team of recruiters will give advice to prospective new starters on potential opportunities in its logistics network and corporate division. This is alongside preparing prospective employees for tech positions such as engineering and data science.

IT Pro 20/20: The end of the remote work dream


Dale Walker

1 Sep, 2021

Welcome to issue 20 of IT Pro 20/20, the digital magazine from our sister title that distils the most important themes of the previous month into a quick, easy-to-read package.

With the pandemic almost behind us, companies are now having to grapple with the thorny issue of returning to office work. For many, that involves choosing how much flexibility to give employees. However some organisations, across both the public and private spheres, are questioning the validity of paying all employees equally.

Recent policy announcements from major tech players like Google to cut the pay of remote workers has sparked an industry-wide conversation about the nature of flexible work, which many believe could result in a new era of discriminatory workplace policies.

DOWNLOAD ISSUE 20 OF IT PRO 20/20 HERE

The next IT Pro 20/20 will be available on 30 September – previous issues can be found here. If you would like to receive each issue in your inbox as they release, you can subscribe to our mailing list here.