All posts by Keumars Afifi-Sabet

VMware kills Datrium’s hyperconvergence hardware and OS


Keumars Afifi-Sabet

10 Aug, 2020

VMware has discontinued Datrium’s hyperconverged infrastructure DVX hardware line “effective immediately” a little over a month after acquiring the disaster recovery specialist.

Datrium will stop accepting orders of Datrium DVX hardware from new customers, with existing customers able to make additional purchases up to 31 October 2020, according to an email distributed to Datrium customers, circulating on Reddit.

This ‘last time buy’ programme limits purchases to D12x10D, D12x4C and F24x2D hardware with the DaOS 5.1 operating system only. Existing customers can also renew support up to 31 October 2022, with a maximum support term ending a year later.

Versions of the DaOS operating system earlier than DaOS 5.0, meanwhile, will no longer be supported by VMware beyond 31 October, meaning customers will have to upgrade their systems.

Versions beyond DaOS 5.0 will be supported with critical functionality and security fixes, although customers should no longer expect any new features or added functionality. 

“Unless otherwise agreed to under your maintenance and technical support terms with Datrium, we will continue to provide maintenance and technical support through the end of your current support services period (inclusive of existing support contracts that expire after Oct 31, 2023), which may be amended by Additional Purchases and Support Renewal Order as permitted above,” the letter reads.

“Datrium DVX hardware support will be limited to the existing hardware configurations. Firmware fixes cannot be offered if the components are past end-of-support by the 3rd party component hardware vendor.”

VMware announced plans to acquire the disaster recovery as a service (DRaaS) provider in a bid to expand its current VMware Site Recovery portfolio in early July. Datrium has been insistent the integration of its technology and platforms into VMware’s offerings will feed into efforts to help customers build hybrid clouds by combining the infrastructure of VMware Cloud with Datrium DRaaS.

Although specialising in DRaaS, Datrium had long-hoped to make waves in the hyperconverged infrastructure market, especially with its DaOS operating system and DVX hardware. With its hardware being discontinued, and versions of the operating system before DaOS 5.0 no longer supported by the parent company, this will be a disappointment to customers who’ve invested in Datrium’s product ecosystem.  

IT Pro approached VMware for confirmation on its post-acquisition plans.

Zoom introduces filters and reactions to ‘make meetings more fun’


Keumars Afifi-Sabet

7 Aug, 2020

Video conferencing platform Zoom has introduced a swathe of new features that aim to “liven up your meetings” including filters, reactions, improved lighting capabilities and better background noise suppression. 

Users can choose from a variety of virtual backgrounds, as before, as well as a set of fresh video filters and toggles to alter their appearance while in conversation with their friends, family or colleagues. 

Filters to change the colour or set it to black and white or sepia have been rolled out to add more of a “casual” tone to virtual meetings, which countless workers have had to engage in due to office closures and lockdowns. Zoom also added filters that add unicorn horns, pirate eye patches, or aerospace goggles to participants. The filters can be configured in the settings.

“We believe that people connect better on video, but feeling connected when working from home is still challenging,” Zoom said in a blog post. “The casual and fun elements that bring us together in the office seem to be missing from virtual meeting culture … until now.”

“Zoom wants to empower you to feel your best in virtual meetings, express your individuality, and build moments of fun into your day with some new features that uplevel your video game,” the company added. 

The move appears to address a serious issue with video conferencing fatigue that many remote workers have felt since lockdown began. Research shows that continuous video conferencing leads to weariness due to the way such technology has disrupted the way we naturally communicate with each other.

As part of Zoom’s changes, users can also exert more control over the lighting of their frame, which can make a difference to people who work in rooms that aren’t  well-lit. 

Another useful new addition is improved noise suppression, which can drown out background noise such as building works or children playing, for example. The low setting will allow for soft background music or audio, while high background noise suppression will apparently provide distraction-free audio for important meetings and presentations.

Users delivering presentations can also adjust their virtual background to overlay their frame over slideshows, allowing them to move the video feed to any part of the screen and even resize the window.

The drive to add more fun is significant given the platform’s origins as a business-to-business video conferencing service and could be a nod to the millions of consumers that have flocked to the system during COVID-19. 

Indeed, several other platforms, including Teams and Facebook, have instigated several major platform changes in order to keep up with the Zoom surge, with Zoom’s latest changes perhaps a means of trying to stay on top of the competition.

Image courtesy of Zoom

SAP HANA Enterprise Cloud finally brought on-prem


Keumars Afifi-Sabet

6 Aug, 2020

SAP has partnered with HPE to make its HANA Enterprise Cloud available on-premise for the first time through HPE’s infrastructure as a service (IaaS) GreenLake platform.

The partnership will allow customers to keep their SAP software configuration and data on-premise while benefiting from the flexibility of the cloud experience, including the subscription-based model that GreenLake is distributed through.

HPE will supply, install and manage customers’ infrastructure, while SAP will contribute their software through the SAP HANA database, including the full SAP HANA Enterprise Cloud catalogue of apps. These will include both SAP S/4HANA and SAP BW/4HANA.

SAP also claims that HPE GreenLake’s cloud service and compliance analytics tools will allow it to offer on-premise capabilities and application management services traditionally offered through the cloud.

The partnership, an extension of HPE and SAP’s existing relationship, aims to meet a longstanding demand from SAP customers unable to use the firm’s software or systems on-premise. The configuration will be distributed through SAP as a ‘turnkey’ system available on a subscription model, favouring businesses that want to keep their hardware on-premise but shift from a capital expenditure to an operational expenditure model.

“The new deployment model SAP HANA Enterprise Cloud, customer edition is a direct response to customers who want the flexibility and service level of a managed private cloud, but need to keep their systems in their own data centres, such as public sector and regulated industry customers,” said Peter Pluim, SAP’s executive vice president and global head of enterprise cloud services.

“We are planning to make that possible with cloud services from HPE GreenLake and white-glove operations and application management services from SAP, which will help unlock value and create new experiences for our joint customers.”

The SAP HANA Enterprise Cloud customer edition will feature optimised architecture comprising secure, high-performance infrastructure, including compute, storage and networking technologies pre-configured for SAP software. The system will offer an end-to-end infrastructure with HPE GreenLake cloud services, with HPE GreenLake infrastructure certified as being able to scale based on the demands of SAP customers.

Gov.uk site among those broken by Firefox cookie changes


Keumars Afifi-Sabet

6 Aug, 2020

A recently introduced change to the way the Firefox browser handles cookies is said to be breaking a number of websites, including the gov.uk platform, with web developers being urged to re-examine their web code.

Mozilla is changing the default value of the SameSite attribute in the Firefox browser from ‘none’ to ‘lax’, meaning the browser will withhold cookies on cross-site requests unless the user navigates to the URL from an external site.

According to reports on GitHub, services on the gov.uk platform are not usable following the SameSite changes, with users experiencing broken elements or pictures missing, for example, on affected sites.

Under the previous default settings of ‘none’, cookie data can be shared with third parties or external sites for advertising embedding content, or other cross-site sharing purposes. If any site hasn’t actually set a SameSite value, Firefox will treat it as ‘lax’ by default, instead of ‘none’, as it has done previously.

The change is designed to guard web users against cross-site request forgery (CSRF) attacks, in which a malicious site attempts to use valid cookies from a legitimate site in order to carry out an attack. This is not to be confused with cross-site scripting (XSS) attacks, in which the victim’s browser executes a script that’s been injected by an attacker while they visit a legitimate website.

The issue largely comes down to developers not traditionally specifying their SameSite value during the construction of their sites. Treating these unset values as ‘lax’ by default means these sites will have to manually set their SameSite setting to ‘none’ if they wish to continue their previous arrangements, in addition to enabling HTTPS, in order to avoid breaking.

‘Doki’ malware attacks Docker servers using Dogecoin


Keumars Afifi-Sabet

30 Jul, 2020

Malware that has remained undetected for six months is exploiting misconfigured Docker API ports to launch malicious payloads, while abusing the Dogecoin cryptocurrency blockchain in the process.

The malware, known as ‘Doki’, is targeting misconfigured containerised environments hosted on Azure, AWS, and a number of other major cloud platforms, according to Intezer researchers, with attackers able to find publicly accessible Docker API ports and exploit them to establish their own containers.

Google Cloud and Orange team up on AI and cloud computing


Keumars Afifi-Sabet

29 Jul, 2020

Orange and Google Cloud have announced a strategic partnership that will cover data, artificial intelligence (AI), and cloud computing services.

Google Cloud will contribute its expertise in cloud, analytics, and AI tools, while Orange will use the help of Google technologies to manufacture a state of the art data analytics and machine-learning platform.

Targeting the B2B, B2C, and wholesale markets, the partnership aims to provide “flexible, secure and cutting-edge solutions”, as well as take advantage of the 5G rollout in Europe by developing edge computing services.

The partnership is expected to benefit Orange by expanding its Orange Business Services’ portfolio, while Google Cloud is hoping the deal will strengthen its presence in Europe. 

Orange and Google Cloud are also planning to jointly create an Innovation Lab, which will enable new industry solution development based on data and AI, as well as a Centre of Excellence that will provide training in data, AI and cloud services for several thousand Orange employees.

Google CEO Sundar Pichai said that the partnership “will help pave the way for new advanced cloud and edge computing services for the telecommunications industry in Europe”. 

“We look forward to working together with Orange to bring new services and applications to customers and businesses alike, while also continuing to grow our support for European enterprises in their digital transformation journeys,” he added.

In a statement, Orange chairman and CEO Stephane Richard said that the French telecom giant is “pleased to partner with Google to accelerate its data and AI transformation and continue towards a better service for its customers”. 

“Google has been a long term partner of Orange and, as Google is eager to invest in Europe – and especially in France – to develop new data centres, this is the perfect time to work on new services and opportunities in French and European markets”, he added.

The news comes weeks after Google Cloud signed a letter of intent with Deutsche Bank, revealing plans to sign a multi-year contract within the next few months. The partnership will accelerate the German bank’s cloud migration and transform its IT architecture, including optimisation of the bank’s current systems in a phased approach.

Google employees to work from home until July 2021


Keumars Afifi-Sabet

28 Jul, 2020

Google is planning to allow its 200,000 full-time and contract workers to continue remote working until at least July next year due to the continued effects of the COVID-19 pandemic.

Alphabet CEO Sundar Pichai decided to extend Google’s remote working plans to the middle of 2021 following a meeting with senior company executives last week, according to the Wall Street Journal (WSJ).

“To give employees the ability to plan ahead, we’ll be extending our global voluntary work from home option through June 30, 2021 for roles that don’t need to be in the office,” Pichai wrote in a memo, as reported by CNN

“I hope this will offer the flexibility you need to balance work with taking care of yourselves and your loved ones over the next 12 months.”

The move to keep Google employees working from home for another full year, on a voluntary basis, would represent a reversal against its plans to begin re-opening company offices in a limited capacity from this month. 

The company announced in May that it would start to open more offices in more cities from 6 July, giving workers the chance to return to a sense of normality, so long as health and safety measures were in place.

Developments with regards to the continued spread of coronavirus across the US has seemingly forced the company’s hand in scrapping these plans and extending the work from home option for another year.

Google’s measures have come after fellow tech rivals, including Facebook, announced permanent changes to their work culture which includes a degree of remote working. 

The social media giant told workers in May, for example, that half of its staff would work from home permanently by 2030. Twitter, similarly, has told its employees they can choose to work from home indefinitely as the coronavirus crisis continues to reshape the way we work.

SAP to make Qualtrics public less than two years after $8bn acquisition


Keumars Afifi-Sabet

27 Jul, 2020

SAP is planning to retain a majority stake in the feedback and survey software firm Qualtrics when it makes the subsidiary public, the company has announced.

The data analytics company will be made public through an initial public offering (IPO) in the US less than two years after the German software giant purchased the firm in an $8 billion acquisition. SAP bought Qualtrics just four days before it was set to go public in late 2018.

The purchase arose after SAP sought to boost its cloud portfolio, integrating Qualtrics’ XM Platform, a system for managing core business information, into a single platform. 

“SAP’s primary objective for the IPO is to fortify Qualtrics’ ability to capture its full market potential within Experience Management. This will help to increase Qualtrics’ autonomy and enable it to expand its footprint both within SAP’s customer base and beyond,” SAP said in a statement.

“Qualtrics, which is part of SAP’s cloud portfolio, has operated with greater autonomy than other companies SAP had previously acquired. The founder Ryan Smith and the current management team of Qualtrics will continue to operate the company.”

SAP will trim its ownership of Qualtrics from 100%, although it plans to retain majority ownership of the company, and says it has no intention of spinning off or divesting this interest in the firm. The company’s founder Smith, in addition, plans to be Qualtrics’ largest individual shareholder.

CEO Christian Klein said SAP’s acquisition of Qualtrics has been a success, outperforming expectations with 2019 cloud growth of more than 40%, “demonstrating very strong performance in the current setup”. 

Indeed, Qualtrics’ revenue rose 34% year-on-year in the second quarter of 2020, according to SAP’s financial results, with the segment earning  €168 million (roughly £153,000,000). Many perhaps would naturally question why a change in ownership arrangement is needed at this stage,

Klein added he alongside senior figures including Ryan Smith decided an IPO would provide the greatest chance for Qualtrics to grow its market, as well as explore its own recruitment and acquisition strategies.

SAP would remain Qualtrics most important R&D and go-to-market partner, in line with its continued majority stake in the subsidiary, while giving the company more autonomy to broaden its partner and customer ecosystem.

IBM Cloud launches centralised security and compliance hub


Keumars Afifi-Sabet

22 Jul, 2020

IBM is developing an in-built security and compliance module for large banks and tech companies using IBM Cloud for Financial Services, giving customers a central hub to manage risks.

The dashboard, which spans infrastructure, platform, data and the developer workflow, allows clients to continuously monitor and enforce security and compliance procedures across multiple workloads to improve cloud security.

Launching in August, the IBM Cloud Security and Compliance Centre builds on the acquisition of Spanugo last month, with the company’s cloud cyber security posture management systems to be integrated into the new product.

The dashboard will take advantage of the acquisition with the capacity for customers to augment the developer workflow with automated security and compliance checks.

This news has come in addition to IBM expanding its reach and collaborations, welcoming BNP Paribas to its customer base of financial institutions, and growing its network of independent software vendors (ISVs) to more than 30 tech companies.

These are providers that have onboarded cloud services and systems to IBM Cloud for Financial Services. This is in addition to a major milestone in IBM’s partnership with Bank of America. 

This collaboration has allowed IBM to establish a set of cloud security and compliance control requirements as the basis for its policy framework. This feeds into the Policy Framework for Financial Services module that allows customers to host key applications and modules with confidence.

“With major financial institutions and technology partners joining our financial services cloud, IBM is establishing confidence within the industry and around the globe that the IBM public cloud, equipped with industry-leading encryption capabilities, is the enterprise cloud for all highly regulated industries, including financial services healthcare, telco, airlines and more,” said IBM Cloud senior vice president Howard Boville.

“IBM is creating a platform with the goal that financial services institutions can address their regulatory requirements, while creating a collaborative ecosystem that helps enable banks and their providers to confidently transact.”

Regulators urge video conferencing firms to review security procedures


Keumars Afifi-Sabet

22 Jul, 2020

Data protection authorities from across the world have urged video conferencing providers like Zoom and Microsoft to review their privacy, security and data protection policies.

In the wake of many more individuals relying on video conferencing during the COVID-19 pandemic, six data regulators, including the Information Commissioner’s Office (ICO), have set out several principles these firms should dwell on.

Since countries were thrust into lockdown, people have looked to the likes of Zoom and Microsoft Teams, Google Hangouts and Skype, among others, to maintain normality and stay connected in their personal and professional lives.

These companies have been told to urgently review security, privacy-by-design and default, which audiences are using their services, how transparent these companies are over data incidents, and how much control end-users retain.

“We recognise that VTC companies offer a valuable service allowing us all to stay connected regardless of where we are in the world,” the open letter said. It has been co-signed by regulators from the UK, Canada, Hong Kong, Switzerland, Australia and Gibraltar. 

“But ease of staying in touch must not come at the expense of people’s data protection and privacy rights. The principles in this open letter set out some of the key areas to focus on to ensure that your VTC offering is not only compliant with data protection and privacy law around the world, but also helps build the trust and confidence of your userbase.”

Zoom, in particular, has been at the centre of a series of high-profile security shortcomings since it rose to prominence at the start of lockdown several months ago. These issues even led to a handful of organisations and national governments banning use of the platform for video communications. 

The company would argue that it’s well on-course to rectifying these security and privacy shortcomings, taking several measures including rolling out end-to-end encryption and adding server routing controls.

Nevertheless, the six data authorities want companies like Zoom to write back by 30 September to demonstrate how it is taking the principles outlined into account in the design and delivery of their services.

In terms of security, the authorities claim to have observed some worrying reports of security flaws that have led to the unauthorized access of personal data. Security measures, therefore, should be given extra consideration, with providers constantly aware of new security risks and threats. 

One measure they can implement is requiring users to regularly update their platforms to the latest version and reviewing how information is processed by third-parties, including in countries abroad.

Privacy-by-design, meanwhile, should be implemented by adopting the most privacy-friendly settings for users by default, effectively erring on the side of caution. Some examples include clearly announcing new callers and setting video and audio feeds to ‘muted’ on entry.

That video conferencing has become vastly more widespread also means there are many examples of groups and individuals using services that weren’t originally designed for them. This may create new risks, the regulators say. One perfect example of this is Zoom being used for remote teaching, which gave rise to the ‘Zoombombing’ phenomenon.

IT Pro approached the ICO to ask what the next stages of this process may be, and whether there will be any follow-up action should the regulators receive unsatisfactory responses.