Slack repositions itself as a ‘virtual HQ’ for hybrid workers


Bobby Hellard

30 Jun, 2021

Slack has added three new features in an attempt to reposition the platform as a ‘virtual headquarters’ for companies that adopt hybrid or entirely remote working strategies post-pandemic. 

These arrive in addition to the recently announced feature that enables users to schedule messages, which is very much in keeping with the idea of businesses running and operating across different regions and time zones. 

“The ‘new normal’ is here to stay – no one wants to give up the flexibility of working from anywhere,” said Slack’s VP of product, Noah Desai Weiss. “There’s a clear need for a virtual headquarters that helps employees embrace a new sense of flexibility, that makes them feel connected to their colleagues despite being physically apart, and that recreates the serendipity and creativity of the office.

“This is why we are introducing new virtual HQ capabilities like Slack Huddles and native recording of video, voice, and screen-sharing clips in Slack.”
 
Slack Huddles is essentially the company’s pitch for those ‘water cooler conversations‘ workers used to enjoy in a physical office. This is a key part of its ‘virtual HQ’ strategy, re-creating those spontaneous moments of conversation or brainstorming via an ‘audio first button in the bottom corner of the Slack sidebar. It’s a one-click operation where a ‘huddle’ can be started in any channel or direct message (including the ones users share with external contacts) where participants can virtually come and go as they please.

Another new feature has a very TikTok feel to it, as Slack users will be able to create and share video, screen recordings and audio clips, rather than conduct meetings or write long text into a channel. This was previously touched upon earlier in the year as a sort of ‘Stories’ type feature that’s used on Instagram and now Twitter with ‘Fleets’. 

The final new product for Slack’s ‘virtual HQ’ overhaul is called ‘Slack Atlas’, which is a digital directory users can navigate from within their account and connect to colleagues and partners from across their networks.
 
All of the new features are being rolled out now to paid-tier customers. Slack has yet to confirm whether they will also be rolling out to non-paying customers. 

IT Pro 20/20: Does cyber security’s public image need a makeover?


Dale Walker

30 Jun, 2021

Welcome to issue 18 of IT Pro 20/20, distilling the most important themes of the previous month into an easy-to-read package – courtesy of our sister title IT Pro.

In this cyber-security-themed issue, we highlight some of the most pressing challenges facing the industry. Our lead feature looks at the role of white hat hackers across the industry, the challenges they have faced in proving their value to companies, and whether media depictions of the traditional ‘hacker’ are creating unhelpful stereotypes.

We also look at the evolution of the security threat landscape from the 1990s until now, as well as consider whether the sudden appearance of social conscience among hackers may spell the end of the ransomware industry as we know it.

Also in this issue, you’ll find an overview of the most exciting features coming with Windows 11, as well as a look at the motivations fuelling the war against end-to-end encryption.

DOWNLOAD ISSUE 18 OF IT PRO 20/20 HERE

The next IT Pro 20/20 will be available on 30 July – previous issues can be found here. If you would like to receive each issue in your inbox as they release, you can subscribe to our mailing list here.

Bitwarden review: Worth paying for


K.G. Orphanides

30 Jun, 2021

The competitively priced newcomer is at the forefront of password management

Price 
$60

Lastpass hasn’t earned itself many supporters recently, and Bitwarden is coming for its password management crown with a massively feature-packed, cross-platform free consumer tier. It’s also almost unique in having a free business tier which, while limited to two users, is an obvious choice for micro-businesses and partnerships. The main drawback is that it has more limited 2FA options and lacks support for advanced features such as attaching encrypted files to entries and password vault health reports.

Bitwarden Teams expands on this free two-person tier, with an API for easy automation, event logs, user groups, a directory connector to automatically manage users when they’re added to your corporate LDAP server, extra two-factor authentication options, password vault health analysis, and the ability to grant emergency access rights to trusted users.

For larger businesses, Bitwarden Enterprise is very competitively priced, supports SSO and granular policy control, has the transparency benefit of open-source code and the convenience of a fully managed service. It’s also priced comparably to the mid- or entry-level tiers of many rivals, and if you want, you can even self-host it on your own servers with no additional licensing. 

Bitwarden review: Client features

The web-based incarnation of Bitwarden’s vault and settings are more functional than beautiful. Everything’s pretty easy to find, although we’d have liked download links to the critical Bitwarden apps to be more clearly signposted. You’ll find them on the pull-down from your profile icon at the top right, and at https://bitwarden.com/download/.

Dedicated desktop apps are available for Windows, macOS and Linux. Mobile apps cater to iOS and Android, with the open source F-Droid store hosting a copy for de-Googleised Android devices. An extensive range of browsers are covered, including Firefox, Safari, Chrome and browsers that share their rendering engines, even with the unusual addition of Tor Browser.

Bitwarden’s command line tool (which primarily exists to make automation easier) is available for bash and PowerShell, and can be found via a number of package managers including NPM – the recommended install path if you’re already using node.js – Homebrew, Chocolatey and Snap.

The client is eminently easy to use and does exactly what you’d expect from a password manager. Corporate users of Bitwarden get a free personal account, which they’ll log into to access their corporate password collection. When they save a password, they’ll be prompted to choose whether it belongs to their personal account or in the business’. Business passwords have to be in a collection, and the collections that each user is given access show up in their clients and online vault.

The Google Play Store version of Bitwarden’s Android client was recently found to include two trackers, which the company has convincingly justified as required for push notifications and crash reporting; if you’d rather avoid them, they are not included in the version distributed on F-Droid.

Bitwarden review: Management features

Users can be invited with standard, limited privileges to access items in collections that have been assigned to them and, if they are given write access, to add, edit and delete passwords and secure notes from those collections.

Managers have the power to assign users and groups to collections, as well as to create and delete said collections. Admins can create and assign users to user groups, invite new users, manage policies, check event logs and export the organisation’s vault data en masse, making this a role of trusted authority.

Only the owners can control billing, subscriptions and integrations for third-party applications and services. However, custom roles can also be created, providing granular control over exactly who gets to do what. Additional permissions are available to Enterprise admins via the Bitwarden Business portal.

We’re not too keen on this division between the main management interface and this dedicated portal for making policies and SSO. It’s easy to use, and we like the addition of features such as the ability to deny personal password ownership for organisation users and mandate specific security and password options. However, there aren’t quite as many settings here as you’ll find in comparable services from Dashlane, Keeper, and LastPass, and relatively few options are spread across rather too many pages.

Bitwarden review: Verdict

Bitwarden’s Free Organization tier has limited features, but is entirely free. For those who need more than two users and two collections, Bitwarden Teams costs $36 per user, per year or $4 per user, per month and the Enterprise tier costs $60 per user, per year or $6 per user, per month if you don’t want to commit to a full year.

This puts it among the cheapest business password management services around, and the Enterprise tier, with its fine-grained policy control, would benefit businesses of almost any size, even if they don’t need SSO. Furthermore, Bitwarden’s transparent, audited, zero-knowledge approach to security is solid and thoroughly documented.

Although its admin interface isn’t the most polished around, Bitwarden’s excellent feature set and well-designed range of cross-platform clients, as well as its low prices, make it our favourite business password management service. 

GitHub Copilot is an AI tool that helps devs to write better code


Zach Marzouk

30 Jun, 2021

GitHub has launched a preview of GitHub Copilot, a new AI pair programmer that helps developers to write better code.

The Microsoft-owned company said the tool “draws context from the code you’re working on,” and suggests whole lines or entire functions. This, GitHub says, could enable engineers to be more productive and potentially lower the barriers to enter software development.

“It helps you quickly discover alternative ways to solve problems, write tests, and explore new APIs without having to tediously tailor a search for answers on the internet. As you type, it adapts to the way you write code—to help you complete your work faster,” said Nat Friedman, CEO of GitHub.

GitHub Copilot was developed in collaboration with OpenAI, an AI research startup backed by Microsoft, and powered by OpenAI Codex, a new AI system created by the company. Essentially, the GitHub Copilot editor extension sends comments and code to the GitHub Copilot service, which in turn uses OpenAI Codex to synthesise and suggest individual lines and whole functions.

The company said the system “has broad knowledge of how people use code” and is more capable than GPT -3 in code generation, as it was trained on a data set that includes a larger concentration of public source code.

GitHub expects the technology to “enable existing engineers to be more productive, reducing manual tasks and helping them focus on interesting work”. It also believes the tool has the potential to lower barriers to entry, enabling more people to explore software development and join the next generation of developers.

GitHub added that the new tool works with a broad set of frameworks and languages, but the technical preview, which is now open to be signed up to, works “especially well” for Python, JavaScript, TypeScript, Ruby and Go.

The company benchmarked the tool against a set of Python functions and blanked out the function bodies and asked GitHub Copilot to fill them in. The model got them right 43% of the time on the first try and 57% of the time when allowed 10 attempts.

If the technical preview is a success, GitHub plans to build a commercial version of GitHub Copilot in the future. Through the preview it aims to learn how people use the tool and what it takes to operate at scale.

Zoom acquires AI translation startup Kites


Sabina Weston

30 Jun, 2021

Zoom has announced the acquisition of Karlsruhe Information Technology Solutions (Kites) – a startup focused on the development of real-time AI-powered translation technologies.

Founded in 2015 by members of Germany’s Karlsruhe Institute of Technology faculty, Kites is comprised of 12 research scientists who will now assist Zoom’s engineering team in advancing in the field of machine translation (MT).

The technology will be used to improve the video conferencing experience by providing real-time, multi-language translation capabilities for Zoom users, enabling the company to increase the efficiency and accessibility of virtual meetings.

Commenting on the news, co-founders Dr. Alex Waibel and Dr. Sebastian Stüker said that Kites “emerged with the mission of breaking down language barriers and making seamless cross-language interaction a reality of everyday life”.

“We have long admired Zoom for its ability to easily connect people across the world. We know Zoom is the best partner for Kites to help advance our mission and we are excited to see what comes next under Zoom’s incredible innovation engine,” they added.

Waibel and Stüker are to remain based in Karlsruhe following the acquisition, with Waibel set to become a Zoom Research Fellow – a role which will include advising Zoom on MT research and development.

The video conferencing giant also announced that it “looks forward to investing in growing the [Kites] team”, while also “exploring opening an R&D center in Germany in the future”.

Velchamy Sankarlingam, president of Product and Engineering at Zoom, said that the company is “continuously looking for new ways to deliver happiness to our users and improve meeting productivity”.

“MT solutions will be key in enhancing our platform for Zoom customers across the globe. With our aligned missions to make collaboration frictionless – regardless of language, geographic location, or other barriers – we are confident Kites’ impressive team will fit right in with Zoom,” he added.

The acquisition of Kites, the financial details of which remain undisclosed, might be symptomatic of Zoom’s focus on expanding its offering to retain users as lockdown restrictions are eased and more workers return to the office. Earlier this month, the company unveiled a new range of desk phones fit for the office and the home that includes high-definition video as well as built-in collaboration software.

Kubernetes costs spiralling as businesses fail to monitor spend


Keumars Afifi-Sabet

30 Jun, 2021

Expenditure on Kubernetes is rising dramatically, and most businesses are struggling to accurately project how much they’re expecting to spend on their container orchestration systems in future.

Over the last year, Kubernetes-related costs surged for 68% of businesses, according to research by the Cloud Native Computing Foundation (CNCF), which manages the ecosystem. Just 12% of businesses lowered their Kubernetes expenses, while among organisations to have sustained an increase, half saw it jump by more than 20%.

Kubernetes is an open source container orchestration system for automating app deployment, scaling and management. While it was originally designed by Google, Kubernetes is now maintained by the CNCF.

The trend does not come as a surprise, according to the report, because as most organisations adopt cloud-native architectures and scale up Kubernetes environments, the associated cloud costs will rise.

Despite costs projected to spiral, however, there’s a disconnect between these rising expenses and how well most businesses are able to accurately forecast Kubernetes costs, project these, and instigate processes that can manage overspend.

CNCF and the FinOps Foundation surveyed senior IT staff from their extended communities of 195 organisations, which is a small sample size but serves as a representative sample of a cross-section of businesses. 

The vast majority of respondents either don’t monitor Kubernetes spending at all, 24%, or rely on monthly estimates only, 44%. Only 13% used accurate show-backs while 14% had a chargeback programme in place. 

“As more organisations adopt cloud-native architectures and scale up Kubernetes environments, the associated cloud costs will rise,” the report said. “However, the FinOps for Kubernetes survey uncovered a disconnect between these rising expenses and how well most respondents have been able to accurately and effectively monitor Kubernetes costs, predict those costs, and instill processes that can curtail unnecessary overspend.

“Whether spending $10,000 per month or 100x that, the lack of real-time cost visibility and the insights and actions that organisations can take from that suggests that the majority of organizations leveraging Kubernetes can become significantly more cost-efficient – and do so without impacting performance.”

As cloud costs continue to rise for the majority of businesses, the report urges organisations to adopt processes and systems to track how much they spend. Firms should look beyond basic cost estimations and should instead seek to allocate costs back to granular environments and projects for show-back and chargeback. 

Labour calls for investigation into Hancock’s use of private email


Bobby Hellard

28 Jun, 2021

The Labour Party has called for a full investigation into the ministerial use of private email accounts for government business. 

It follows a report in The Sunday Times that suggests that former health secretary, Matt Hancock, breached government guidelines by using his personal Gmail account.

Angela Rayner, Labour’s deputy leader, has written to the Cabinet Secretary and the Information Commissioner’s Office (ICO) demanding a “full-scale investigation” into what she called a “shady practice” that could “conceal vital information”. Rayner has warned that “the buck doesn’t stop with Hancock” and that the government was “rotten to its core”.

“We need to know how wide this goes and how much government business is being conducted in secret,” Rayner wrote. “This shady practice has the potential to conceal vital information of public interest and cover up the waste of taxpayers money that has been given to friends of Conservative ministers.”

The Sunday Times said it had seen documents that suggested Hancock had “routinely” used his private Gmail account to conduct government business and also claimed that the junior health minister, Lord Bethell, did the same. There are also claims the other officials within the Department of Health and Social Care (DHSC) had breached government guidelines in this way.

Labour’s concern is that, as a result of this private email use, the government does not have a complete record of the former health secretary’s decision-making during the pandemic, which includes the procurement of PPE, set up of the Test and Trace system and the strategy for care homes. 

In a statement given to IT Pro, the UK’s Information Commissioner Elizabeth Denham, said: “It is an important principle of government transparency and accountability that official records are kept of key actions and decision.

“The issue of ministers and senior officials using private email accounts to conduct sensitive official business is a concerning one for the public and is one my office has advised on before. I am looking carefully at the information that has come to light over the past few days and considering what further steps may be necessary to address the concerns raised with me.”

Hancock resigned over the weekend following leaked CCTV footage from his office that shows him in an embrace with his aide Gina Coladangelo. The ICO also confirmed that it is making enquiries into the release of personal data to the media and whether a further regulatory response is warranted.

The former health secretary is also under scrutiny from the Conservative Party; when asked by the BBC if Hancock’s actions were a security issue, justice secretary Robert Buckland said: “I agree, and that’s why I think it’s important that we use the systems that we are provided with.”

In response to Buckland’s comments, Rayner tweeted: “We already know that hostile states target minister’s email accounts to access sensitive information and even blackmail Ministers. Tory ministers are putting our national security at risk by trying to hide from the public and cover up their dodgy dealings.” 

Using a personal personal account for government business is meant to be against government guidelines, but in April, MP Tom Tugendhat claimed that GCHQ had advised him that Gmail was safer than the system used in Parliament

Windows 11 won’t arrive as a free update until 2022


Sabina Weston

29 Jun, 2021

The free Windows 11 update for Windows 10 devices won’t roll out until next year, and it might not arrive until mid-2022 for some users. 

That’s according to a tweet from Microsoft’s Twitter account for its flagship operating system, which responded to a query about the Windows 11 release date from computer science student Jure Zajc, under a post previewing a video trailer for the latest version of the OS.

“Windows 11 is due out later in 2021 and will be delivered over several months,” said the verified Twitter account, adding that “the rollout of the upgrade to Windows 10 devices already in use today will begin in 2022 through the first half of that year”.

The confirmation comes amid reports as Microsoft confirms it’s planning to review its stringent Windows 11 system requirements, which state that users must be using an 8th-generation Intel CPU or newer and a TPM 2.0 chip installed.

“In support of the Windows 11 system requirements, we’ve set the bar for previewing in our Windows Insider Programme to match the minimum system requirements for Windows 11, with the exception for TPM 2.0 and CPU family/model,” the Windows Team stated in a blog post.

“By providing preview builds to the diverse systems in our Windows Insider Programme, we will learn how Windows 11 performs across CPU models more comprehensively, informing any adjustments we should make to our minimum system requirements in the future.” 

The Windows Team added that it “look[s] forward to the product feedback and learnings” amid a backlash against its PC Health Check tool. The app had been recommended for users to find out whether their device would be compatible with Windows 11. However, those who had gotten a negative response from the tool were not provided with enough detail as to why their PC was incompatible with the latest version of the operating system. 

The Windows Team announced that it would be “updating [the] PC Health check app to provide more clarity”, as well as “adapt software and hardware to keep pace with people’s computing needs today and in the future”.

Microsoft 365 redesign debuts as Windows 11 preview is released


Bobby Hellard

29 Jun, 2021

Microsoft has revealed a new design for Microsoft 365, which it says will be available for both Windows 11 and Windows 10 users and will come with support for 64-bit Arm processors. 

The announcement coincided with the release of the first preview build of Windows 11, the tech giant’s next iteration of its flagship operating system. 

The refresh to Microsoft 365 comes on the tenth anniversary of Office 365’s initial release and was based on customer feedback, according to Microsoft. Users called for a “more natural and consistent experience” between applications – specifically on Windows – which is why the new design has similarities to the recently announced Windows 11 layout.

The update has a “familiar” user interface, but with the Fluent Design principles seen on Windows 11 across all applications including Word, Excel, PowerPoint, OneNote, Outlook, Access, Project, Publisher, and Visio. 

What’s more, the update will be automatically available to any Office Insiders running beta channel builds and can easily be turned off using the “Coming Soon” feature, which is located in the top right corner of the menu. In Word, Excel, PowerPoint, or OneNote, users need to click the megaphone icon to open the “Coming Soon” pane, and use the toggle to move between the new and current interface, and apply the setting to all the Office apps.

In addition to the design refresh is a new 64-bit version of Office for Windows on Arm-powered machines, where it’s been recompiled for Arm architecture. The idea is that it will offer a faster experience, boost memory availability, abd provide better support for large documents, all while maintaining compatibility with existing 64-bit add-ins using the new x64 emulation capability provided by Windows.

The Windows 11 preview build (22000.51) is available now to Windows Insiders, and includes access to the new Start menu, multitasking features, and overhauled Microsoft Store. Unlike the leaked version of the build, this official preview also features an updated File Explorer that replaces the ribbon with a command bar.

Why you should modernise your systems based on need


Cloud Pro

30 Jun, 2021

The business world has been rocked by huge changes recently thanks to lockdown restrictions and new remote-working models, not to mention a complete shift in the way that consumers engage with products and services. Due to the sudden pivots necessitated by COVID-19, it’s understandable that many organisations have adopted rapid digital transformation and an increased dependence on the cloud in order to remain relevant and competitive, to improve customer experience, to satisfy stakeholders and ultimately grow revenue in the face of this disruption.

However, such rapid transformations can be associated with serious risks if not managed properly. Businesses may have been tempted to adopt a one-size-fits-all cloud solution, or to transform in a piecemeal way across multiple cloud silos without following a carefully laid-out strategy. The former can easily result in business transformation that does not fit the specific needs of your business, running counter to the goal of modernising, with the potential to harm rather than help your bottom line.

For the latter, without a strategy you can create various issues for your IT infrastructure, from fragmented systems that do not allow for monitoring and automation across cloud silo boundaries, to increased risk of security breaches and an overall complexity that hampers your ability to quickly update applications and systems to meet the needs of your business and customers.

Continuous modernisation

Developing a robust, detailed strategy is key to successful modernisation, and an understanding that there is not one simple, one-size-fits-all solution that you can apply to your business. Before you commit to a hasty ‘rip and replace’ strategy, it is important to consider the needs of your organisation and the best approach to meeting them.

Companies like Micro Focus can assist you in developing a winning, smart digital transformation strategy that will meet your modernisation goals and avoid potential pitfalls as you build, deliver and run your modernisation project. Micro Focus’s open, integrated, backwards-compatible software bridges existing and emerging technologies, so you can innovate faster, with less risk, as you transform. With AI-powered automation, you can manage and monitor multiple clouds, applications, data centres and networks from one portal. This offers enhanced, joined-up security, quickly highlighting any issues that arise.

Evolving your IT practices – without jeopardising critical business systems and processes developed over decades – is a constant balancing act. That is why bridging new and existing applications and infrastructure is particularly key. Evidence is emerging to suggest that modernisation projects using an incremental and continuous improvement model are more likely to achieve positive results than other more drastic approaches like ripping and replacing your core business applications. The ‘Endless Modernization’ research authored by Micro Focus and The Standish Group found that companies that choose to modernise an existing application rather than fully replace it had a 71% success and 1% failure ratio, compared to a 26% success and 20% failure ratio for those choosing to scrap a software application and start from scratch.

A smart approach to digital transformation allows businesses to transform as they continue to run core applications, modernising continuously and incrementally to strike a balance between innovating and maintaining proper business operations. This incremental approach endorsed by Micro Focus allows you to maintain continuity during your ongoing modernisation work and, ultimately, execute business transformation based on the needs of your organisation, rather than rushing to make it happen as quickly as possible and ending up with a solution that doesn’t properly meet your requirements. And unlike unstructured, piecemeal approaches, this type of transformation is backed by a robust strategy that maintains unity and control across your IT infrastructure.

Beyond the cloud

While the cloud has proved to be a powerful tool in modernisation – particularly when it comes to the dispersed-working models that have gained dominance since 2020 – it is important to understand that transferring all your infrastructure to the cloud may not be the best solution for your business. In a modernisation project built on the needs of your business, a fully cloud-based solution might not give the right results. It’s important to consider the modernisation route that will really suit your business best, whether that’s mainframe-centric, cloud-first, a hybrid approach, DevOps-driven or service-oriented.

Remember that mainframe is just as viable as any other platform when it comes to modernisation. While the cloud is both fast growing and the most high-profile solution today, AWS reports that more than 70% of Fortune 500 companies still run their business-critical apps on mainframes – and for good reason. These adaptable, resilient incumbent systems have been steadily modernised and built upon over the years, becoming one of the most trusted elements of the IT team’s arsenal.

Of course, mission-critical mainframe applications need to be kept up-to-date with modern business demands, but that doesn’t necessitate a ‘rip and replace’ approach. Part of building on existing successes is to recognise what is working and using that as a cornerstone to develop a long-term strategy. Using its modernisation maturity model, Micro Focus can support your preferred modernisation route and advise you on the most efficient and effective way of modernising your mainframe without disrupting business operations.

Working with a transformation partner like Micro Focus enables you to extend the value of your existing technology investments. Every business’s needs are different. Before committing to a wholesale ‘rip and replace’ approach, it’s important to assess your organisation’s requirements. Armed with this understanding, you can execute an incremental and continuous modernisation approach to achieve smart digital transformation by building on your existing infrastructure.

Learn more in Micro Focus’s Race to the Cloud ebook