Cloud? Why not, says Lambeth council


Maggie Holland

26 Oct, 2018

The public sector, and local authorities in particular, have generally been accused of being IT and change laggards who refuse to embrace what modern technologies can offer.

Not so the London Borough of Lambeth. It’s current mantra is “Why not the cloud” when it comes to any tech implementation, according to Hamant Bharadia, assistant director of strategic finance at Lambeth.

And the council has saved at least £4.5m per year and enjoyed many other benefits as a result of this fresh thinking.

Its existing technology contract was due to end in July this year and that was a key driver for change – change the council set out to form a plan for two years earlier back in 2016.

“It was very clear that as an organisation we needed to do something different, something radical,” Bharadia said, adding that the transformation efforts formed part of a wider change dubbed ‘Future Lambeth.

Future Lambeth being the public facing element and ‘My Lambeth’ being an internal focus on staff, self-service, agility and productivity.

Another driving factor was the budgetary constraints currently looming over local authorities, with many having their spend options drastically cut. In Lambeth’s case, this was a sting of somewhere in the region of 50%.

“We don’t see that changing at all,” Bharadia said, which is another reason the council has tried to make savings. That £4.5m, for example, is being ploughed back into the service side to help ensure the council can still deliver on citizen expectations for 24/7 operation.

With some 320,000 people living in the area, it was important for Lambeth to provide them with a range of options on how they interact with the council as well as ensuring the relevant associated tools and technologies were their for employees to meet those varying expectations.

One aspect of the changes required to get from vision to reality was physical, with the council looking to consolidate the number of buildings it used. It was spread out across 14 buildings – some of which were houses initially designed for residential purposes – and wanted to streamline this to just two for a number of reasons.

Those two buildings are the Civic Centre and Town Hall, which act as hubs for employees who have embraced agile working, with most working on average two days a week for home.

With staff being able to work from anyway, the right technology infrastructure, tools and services became paramount, Bharadia said.

This is where Oracle Cloud acts as a backbone, with other elements such as Microsft Office 365 and Skype playing an important but supporting role.

Leave scheduling is managed using Oracle and 1:1 meetings are recorded and stored as threads for ease of reference, for example.

“It’s also about space. Servers take up room. These are things you can store and secure in the cloud,” Bharadia said, adding that printing has now been centralised too ensuring financial and energy savings in the process.

Oracle goes back to its startup roots to give something back


Maggie Holland

26 Oct, 2018

Oracle may be more than 40 years old, but it’s still young at heart and eager to help support and learn from those starting out who have the potential to create successful cloud-based businesses.

That was one of the key messages at a startup-focused panel at Oracle OpenWorld in San Francisco this week, where the firm detailed the history of and its future plans for the Oracle Startup Cloud Accelerator programme.

“Startup accelerators are not new. We realise we are a little bit late to the game. We wanted to do something unique and better. [So we asked] what can we do that brings value to the Oracle community?” Said Jason Williamson, Vice President of startup ecosystem at Oracle.

“[Innovation] isn’t just happening in Silicon Valley. Creation is happening all around the world so we set out [to tap into that]… We’re learning, we’re a start up ourselves. How do we be a part of Oracle’s change story too? If you want to reach people you haven’t reached before you need to do things you haven’t done before.”

Last year, Oracle hand selected seven startups to work with, but the demand for support was so great, it now plans on having a rolling admissions process.

The programme is backed by nine physical locations – a number likely to grow in time – but it’s optional if startups want to be based in the same space as the necessary support can be provided in other ways too.

The criteria for entry is pretty simple – it’s all about finding and engaging with ‘cool’ startups that would benefit from a relationship with Oracle. “B2B things. Things that are data heavy,” Williamson said.

“We are super interested in stories to enable startups around the world. What we’ve seen coming out of the UK has been awesome. Our goal is to really come alongside during this process and help along the way. But not just with technology – to help them get revenue. That’s what you want as a startup – revenue – and one of the unique things we can help with,” Williamson added.

But that doesn’t mean start-ups have to sell their souls to Oracle in return.

“We don’t take equity…We get to create a virtuous cycle. We’re not putting in a cash investment. We’re doing an in kind investment. You’re getting credits, space if you need it, access to our marketing team. There’s value there,” Williamson added.

“If we can put these customers in front of our startup base and they start getting revenue, they have to service these customers. If they start servicing these customers they will need more OCI etc It’s long tail and we’re fine with that.”

He added: “With the fullness of time and when they graduate from the programme, it’s not when they are going to be their best selves. They will be peaking in three years. I want to be sure we’ve treated them well. That we have that connective tissue. So, when they grow and expand they will grow and expand with us.”

The panel wasn’t just a case of Oracle talking up its efforts helping startups. A number were also in place to share their, very positive, stories, too.

One such company is iGeolise which was part of the first accelerator programme cohort and has essentially created a “travel time platform,” according to Charlie Davies, its co-founder and technology and product director.

“You can search the world around you by time rather than distance. Distance is a completely useless way to search as all of us are at the mercy of the public transport systems around us. We license this as an API to lots of companies in the UK, including Right Move,” he said.

“Oracle is so big and we are so small. Navigating this would have been impossible if it wasn’t for the startup accelerator.”

He added: “One of the challenges we’ve had being a mapping company is the amount of data became a huge bottleneck for us in terms of getting customers. We have done very well in the UK, but we wanted to attract bigger brands across Europe and the rest of the world. What Oracle gave us was a nice tick. OCI is like a secret leviathan behind you where people sit up and listen a bit more.”

Oracle goes back to its startup roots to give something back


Maggie Holland

26 Oct, 2018

Oracle may be more than 40 years old, but it’s still young at heart and eager to help support and learn from those starting out who have the potential to create successful cloud-based businesses.

That was one of the key messages at a startup-focused panel at Oracle OpenWorld in San Francisco this week, where the firm detailed the history of and its future plans for the Oracle Startup Cloud Accelerator programme.

“Startup accelerators are not new. We realise we are a little bit late to the game. We wanted to do something unique and better. [So we asked] what can we do that brings value to the Oracle community?” Said Jason Williamson, Vice President of startup ecosystem at Oracle.

“[Innovation] isn’t just happening in Silicon Valley. Creation is happening all around the world so we set out [to tap into that]… We’re learning, we’re a start up ourselves. How do we be a part of Oracle’s change story too? If you want to reach people you haven’t reached before you need to do things you haven’t done before.”

Last year, Oracle hand selected seven startups to work with, but the demand for support was so great, it now plans on having a rolling admissions process.

The programme is backed by nine physical locations – a number likely to grow in time – but it’s optional if startups want to be based in the same space as the necessary support can be provided in other ways too.

The criteria for entry is pretty simple – it’s all about finding and engaging with ‘cool’ startups that would benefit from a relationship with Oracle. “B2B things. Things that are data heavy,” Williamson said.

“We are super interested in stories to enable startups around the world. What we’ve seen coming out of the UK has been awesome. Our goal is to really come alongside during this process and help along the way. But not just with technology – to help them get revenue. That’s what you want as a startup – revenue – and one of the unique things we can help with,” Williamson added.

But that doesn’t mean start-ups have to sell their souls to Oracle in return.

“We don’t take equity…We get to create a virtuous cycle. We’re not putting in a cash investment. We’re doing an in kind investment. You’re getting credits, space if you need it, access to our marketing team. There’s value there,” Williamson added.

“If we can put these customers in front of our startup base and they start getting revenue, they have to service these customers. If they start servicing these customers they will need more OCI etc It’s long tail and we’re fine with that.”

He added: “With the fullness of time and when they graduate from the programme, it’s not when they are going to be their best selves. They will be peaking in three years. I want to be sure we’ve treated them well. That we have that connective tissue. So, when they grow and expand they will grow and expand with us.”

The panel wasn’t just a case of Oracle talking up its efforts helping startups. A number were also in place to share their, very positive, stories, too.

One such company is iGeolise which was part of the first accelerator programme cohort and has essentially created a “travel time platform,” according to Charlie Davies, its co-founder and technology and product director.

“You can search the world around you by time rather than distance. Distance is a completely useless way to search as all of us are at the mercy of the public transport systems around us. We license this as an API to lots of companies in the UK, including Right Move,” he said.

“Oracle is so big and we are so small. Navigating this would have been impossible if it wasn’t for the startup accelerator.”

He added: “One of the challenges we’ve had being a mapping company is the amount of data became a huge bottleneck for us in terms of getting customers. We have done very well in the UK, but we wanted to attract bigger brands across Europe and the rest of the world. What Oracle gave us was a nice tick. OCI is like a secret leviathan behind you where people sit up and listen a bit more.”

Amazon to launch its first AWS African data centre in 2020


Clare Hopping

26 Oct, 2018

Amazon has revealed plans to launch its first data centre in South Africa, with three availability zones due to become operational in Cape Town during the first half of 2020.

The company has a lot of business in South Africa, including the development centre it set up in 2004. Amazon explained the announcement has been driven by demand in the region, recognising the tech talent of South Africans, particularly those situated in Cape Town.

AWS said its new AWS Africa (Cape Town) Region will offer lower latency to local businesses – particularly those in sub-Saharan areas – so they are able to make use of data-intensive technologies such as AI, machine learning, IoT and mobile services.

Adding an extra region in Africa also means businesses are able to store information in a local facility, rather than crossing the borders. This will be particularly important for businesses wanting to comply with the upcoming Protection of Personal Information Act (POPIA).

“Having built the original version of Amazon EC2 in our Cape Town development center 14 years ago, and with thousands of African companies using AWS for years, we’ve been able to witness first-hand the technical talent and potential in Africa,” the company’s CEO Andy Jassy said. “Technology has the opportunity to transform lives and economies across Africa, and we’re excited about AWS and the Cloud being a meaningful part of that transformation.”

To support the cloud infrastructure, AWS has also built up local teams for businesses to communicate with, making the cloud procurement process and cloud management a whole lot easier for South African businesses.  Local account managers, customer services representatives, partner managers and solutions architects are all on hand to help companies pursuing digital transformation doctrines.

Amazon to launch its first AWS African data centre in 2020


Clare Hopping

26 Oct, 2018

Amazon has revealed plans to launch its first data centre in South Africa, with three availability zones due to become operational in Cape Town during the first half of 2020.

Although the company has a lot of business in South Africa, including the development centre it set up in 2004, it’s never run a data centre from the country. The company explained the announcement has been driven by demand in the region, recognising the tech talent of South Africans, particularly those situated in Cape Town.

AWS said its new AWS Africa (Cape Town) Region will offer lower latency to local businesses – particularly those in sub-Saharan areas – so they are able to make use of data-intensive technologies such as AI, machine learning, IoT and mobile services.

Adding an extra region in Africa also means businesses are able to store information in a local facility, rather than crossing the borders. This will be particularly important for businesses wanting to comply with the upcoming Protection of Personal Information Act (POPIA).

“Having built the original version of Amazon EC2 in our Cape Town development center 14 years ago, and with thousands of African companies using AWS for years, we’ve been able to witness first-hand the technical talent and potential in Africa,” the company’s CEO Andy Jassy said. “Technology has the opportunity to transform lives and economies across Africa, and we’re excited about AWS and the Cloud being a meaningful part of that transformation.”

To support the cloud infrastructure, AWS has also built up local teams for businesses to communicate with, making the cloud procurement process and cloud management a whole lot easier for South African businesses.  Local account managers, customer services representatives, partner managers and solutions architects are all on hand to help companies pursuing digital transformation doctrines.

Microsoft Q1 results show cloud is still a major earner


Clare Hopping

26 Oct, 2018

Cloud has once again been a big earner for Microsoft, with the company posting Azure revenue growth of 76% over the last quarter. Server products and cloud services have grown by 28%, while its “intelligent cloud” division has increased revenues by a quarter compared to the second quarter of 2018.

However, the growth of Microsoft’s Azure-related products has slowed since the previous quarter, which stood at a hefty 89%. It’s not too much of a concern for analysts as it would seem because many are still predicting the company’s cloud-focused business will continue to be the most important part of Microsoft’s success.

Microsoft doesn’t detail individual revenue streams in its Azure division, making it hard to judge where the majority of growth is (ie., platform, server, services), but the company’s CFO Amy Hood said on its earnings call that the demand for hybrid services was one worth watching and Microsoft would continue to grasp the opportunity presented by businesses looking for hybrid set-ups in their digital transformation efforts.


By 2020, it’s estimated that a quarter of IT spending will go to the cloud. Learn how to set your business up to profit from cloud services in this whitepaper.

Download now


“We are seeing larger and longer-term customer commitments to the cloud,” she told analysts on the call.

But it’s not just Azure performing well in the cloud space. The company’s cloud, server and Office departments combined generated $18.4 billion in revenue last quarter. Office 365 revenues, specifically in the commercial products and services sector rose by 17% and Office 365 commercial revenues grew 36% quarter-on-quarter. The company also added that active customers using its Office 365 services has grown significantly – topping 155 million at present.

The company’s total first-quarter revenue was up 19% over the previous year, reaching $29.1 billion, with its income rising 34% up to $8.8 billion.

Microsoft Q1 results show cloud is still a major earner


Clare Hopping

26 Oct, 2018

Cloud has once again been a big earner for Microsoft, with the company posting Azure revenue growth of 76% over the last quarter. Server products and cloud services have grown by 28%, while its “intelligent cloud” division has increased revenues by a quarter compared to the second quarter of 2018.

However, the growth of Microsoft’s Azure-related products has slowed since the previous quarter, which stood at a hefty 89%. It’s not too much of a concern for analysts as it would seem because many are still predicting the company’s cloud-focused business will continue to be the most important part of Microsoft’s success.

Microsoft doesn’t detail individual revenue streams in its Azure division, making it hard to judge where the majority of growth is (ie., platform, server, services), but the company’s CFO Amy Hood said on its earnings call that the demand for hybrid services was one worth watching and Microsoft would continue to grasp the opportunity presented by businesses looking for hybrid set-ups in their digital transformation efforts.

“We are seeing larger and longer-term customer commitments to the cloud,” she told analysts on the call.

But it’s not just Azure performing well in the cloud space. The company’s cloud, server and Office departments combined generated $18.4 billion in revenue last quarter. Office 365 revenues, specifically in the commercial products and services sector rose by 17% and Office 365 commercial revenues grew 36% quarter-on-quarter. The company also added that active customers using its Office 365 services has grown significantly – topping 155 million at present.

The company’s total first-quarter revenue was up 19% over the previous year, reaching $29.1 billion, with its income rising 34% up to $8.8 billion.

How identity and access management is causing headaches in cloud security

Identity and access management (IAM) is seen as an important tool for determining who’s who in a nefarious cloud landscape – but organisations are struggling to get to grips with it, according to new research.

The latest Cloud Report from cloud access security broker (CASB) Netskope has revealed the majority of Center for Internet Security (CIS) benchmark violations occurring in Amazon Web Services (AWS) environments fall under the IAM remit.

The data, which comes from anonymised Netskope Security Cloud customer accounts, found that 71.5% of violations were related to identity and access management, compared with 19% for monitoring. EC2 was the most likely resource where organisations fell foul, accounting for two thirds (66.2%) of violations, with IAM itself only comprising 4.5%. 86% of breaches were classified as critical.

Netskope argues that this represents a gap in organisations’ plans for cloud security compared with their actual implementations. “While many organisations have controls around cloud services and implemented things like multi-factor authentication and single sign-on solutions, IaaS/PaaS identity and access policies still need to be set,” the report notes. “Many of the IAM violations involve instance rules and access to resources or password policy requirements – simple fixes that may not have been a focus when first setting up roles and instances.

“There has been a lot of focus on micro-segmentation security technologies for I/PaaS workloads, but of note are simple IAM policies that can be addressed directly in AWS without an external security solution,” the report adds.

Enterprises use an average of 1,246 cloud services – an increase of 5.5% compared with February’s previous analysis. HR and marketing, with averages of 175 and 170 per enterprise, are the most popular by a distance – yet 96% and 98% of these apps respectively are not enterprise-ready.

It is a similar story across the board. 94% of finance and accounting services are not deemed enterprise-ready, while the figure drops to only 93% for CRM and IT service and application management. Only cloud storage – with an average of 28 services being used per organisation – comes out of the figures with any respect, although more than two thirds (67%) are still not ready for the enterprise.

One interesting note is around the research methodology; while AWS was analysed because of its market share, the report noted the importance organisations were attaching to multi-cloud. This naturally gives security teams an even bigger headache than before.

“As organisations increasingly adopt a multi-cloud approach, IT teams must continuously assess the security of their public cloud infrastructure and be aware of the data moving in and out of those services,” said Sanjay Beri, Netskope founder and CEO. “Enterprises should consider using the same security profiles, policies and controls across all services – SaaS, IaaS and web – in order to reduce overhead and complexity as the use of cloud services scales.”

You can read the full report here.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Remote code execution flaw found in Cisco WebEx


Rene Millman

25 Oct, 2018

Security researchers have discovered a flaw in WebEx’s WebexUpdateService that allows anyone with a login to the Windows system where Cisco’s client software is installed to run system-level code remotely.

The vulnerability is “pretty unique” as it is “a remote vulnerability in a client application that doesn’t even listen on a port”, according to a blog post by Ron Bowes and Jeff McJunkin of Counter Hack.

When the WebEx client is installed on a system, a Windows service called WebExService is also installed that can execute commands with system-level privilege.

According to a website detailing the hack, due to poorly handled access control lists (ACLs), any local or domain user can start this service over Windows’ remote service interface, except those running the client on Windows 10 (which requires an admin login).

“As far as we know, a remote attack against a 3rd party Windows service is a novel type of attack. We’re calling the class “thank you for your service”, because we can, and are crossing our fingers that more are out there!” Bowes said.

Bowes said that exploiting the vulnerability is “actually easier than checking for it”.

“The patched version of WebEx still allows remote users to connect to the process and start it,” he explained. “However, if the process detects that it’s being asked to run an executable that is not signed by Webex, the execution will halt.”

In an advisory, Cisco said the vulnerability is due to insufficient validation of user-supplied parameters. “An attacker could exploit this vulnerability by invoking the update service command with a crafted argument,” said the advisory.

Bowes said that WebEx released a patch on 3 October and that users should make sure they’re running this new client version.

“The good news is, the patched version of this service will only run files that are signed by WebEx. The bad news is, there are a lot of those out there (including the vulnerable version of the service!), and the service can still be started remotely,” he said.

The Cisco advisory said that users could determine whether a vulnerable version of Cisco Webex Meetings Desktop App is installed on a Windows machine by launching the Cisco Webex Meetings application and clicking the gear icon in the top right of the application window, then selecting the About… menu entry. A popup window displaying the currently installed version will open.

Remote code execution flaw found in Cisco WebEx


Rene Millman

25 Oct, 2018

Security researchers have discovered a flaw in WebEx’s WebexUpdateService that allows anyone with a login to the Windows system where Cisco’s client software is installed to run system-level code remotely.

The vulnerability is “pretty unique” as it is “a remote vulnerability in a client application that doesn’t even listen on a port”, according to a blog post by Ron Bowes and Jeff McJunkin of Counter Hack.

When the WebEx client is installed on a system, a Windows service called WebExService is also installed that can execute commands with system-level privilege.

According to a website detailing the hack, due to poorly handled access control lists (ACLs), any local or domain user can start this service over Windows’ remote service interface, except those running the client on Windows 10 (which requires an admin login).

“As far as we know, a remote attack against a 3rd party Windows service is a novel type of attack. We’re calling the class “thank you for your service”, because we can, and are crossing our fingers that more are out there!” Bowes said.

Bowes said that exploiting the vulnerability is “actually easier than checking for it”.

“The patched version of WebEx still allows remote users to connect to the process and start it,” he explained. “However, if the process detects that it’s being asked to run an executable that is not signed by Webex, the execution will halt.”

In an advisory, Cisco said the vulnerability is due to insufficient validation of user-supplied parameters. “An attacker could exploit this vulnerability by invoking the update service command with a crafted argument,” said the advisory.

Bowes said that WebEx released a patch on 3 October and that users should make sure they’re running this new client version.

“The good news is, the patched version of this service will only run files that are signed by WebEx. The bad news is, there are a lot of those out there (including the vulnerable version of the service!), and the service can still be started remotely,” he said.

The Cisco advisory said that users could determine whether a vulnerable version of Cisco Webex Meetings Desktop App is installed on a Windows machine by launching the Cisco Webex Meetings application and clicking the gear icon in the top right of the application window, then selecting the About… menu entry. A popup window displaying the currently installed version will open.