All posts by Sabina Weston

Majority of UK firms say cyber threats are outpacing cloud security

Sabina Weston

10 Jul, 2020

New research into cloud security management has found that 83% of UK organisations believe threats to cloud systems are outpacing their ability to effectively deploy countermeasures.

This places the UK behind the global average, at 71%. By contrast, only 53% of German enterprises believe the same.

Cyber security company Palo Alto Networks has published its findings about the practices, tools, and technologies that companies around the world use to manage security for cloud-native architecture, interviewing 3,000 professionals in cloud architecture, information security, DevOps, and application development located across the UK, Germany, USA, Singapore, and Australia.

The State of Cloud Native Security report shows that UK organisations today host 42% of their workloads in the cloud and expect this to increase to 65% in the next two years.

A significant majority (93%) of UK businesses admitted to using more than one cloud platform, while one in two (57%) said they use between two and five. The trend was reflected on a global scale, with 94% and 60% of global organisations admitting to the same respectively.

However, the report has found that the growing reliance on cloud infrastructure has not translated into increased confidence in cloud security. In fact, 84% of UK respondents admitted that their organisation struggles to draw a clear line between their own responsibility for cloud security and their cloud service providers responsibility for security.

Low confidence in cloud security, and undefined responsibility for it, coincides with a surge in the number of attacks on cloud accounts, up by 630% between January and April of this year, according to McAfee. A majority of these external attacks were large-scale attempts to access cloud accounts with stolen credentials and usually targeted collaboration services like Microsoft 365.

The research also found that, while overall enterprise use of cloud services increased by 50%, access to the cloud using unmanaged, personal devices doubled, contributing to the risk of company data being stolen.

Google abandons controversial cloud project in China

Sabina Weston

9 Jul, 2020

Google has decided to abandon the development of a controversial cloud computing project named “Isolated Region”, which catered to various governments’ desires to control data within their borders.

The tech giant scrapped the initiative in May, partly due to the coronavirus pandemic but also due to the rising geopolitical tensions between the US and China, where Isolated Regions was being developed, according to two anonymous Google employees speaking to Bloomberg.

The project, which was launched in early 2018, sought to comply with Chinese regulations which require Western companies to form a joint venture with a Chinese partner company when they provide data or networking services. However, the development was paused in January 2019, reportedly due to Google choosing to focus on potential customers in Europe, the Middle East and Africa.

However, according to one source, the geopolitical issues placed demands on Isolated Region that Google was not capable of delivering.

A Google spokeswoman refuted the claims made by the employees, telling Bloomberg that Isolated Region wasn’t shut down for either of the given reasons and that the company “does not offer and has not offered cloud platform services inside China”.

Google has said that the cloud initiative was cancelled because “other approaches we were actively pursuing offered better outcomes”, although it has yet to elaborate on the specifics of these approaches.

“We have a comprehensive approach to addressing these requirements that covers the governance of data, operational practices and survivability of software,” the spokeswoman said. “Isolated Region was just one of the paths we explored to address these requirements.”

“What we learned from customer conversations and input from government stakeholders in Europe and elsewhere is that other approaches we were actively pursuing offered better outcomes.”

The news comes just days after Google, alongside Microsoft, Facebook and Twitter, made the decision to suspend the processing of user data requests from the Hong Kong government, following the implementation of a new security law that criminalises protests. The Hong Kong government reportedly requested data from Google users 105 times in 2019 alone.

IBM buys RPA company WDG Automation

Sabina Weston

8 Jul, 2020

IBM has announced its acquisition of WDG Automation, a Brazillian software provider specialising in robotic process automation (RPA)

Financial details of the acquisition weren’t disclosed to the public, but the companies said they expect the deal to close in the third quarter. 

IBM’s decision to acquire WDG Automation sees the tech giant continuing its expansion into the AI-infused automation market, as it looks to provide its customers with the ability to “quickly identify more granular opportunities for automation (…) as well as help ensure consistent and accurate data is being used across all tools and business functions, including customer service, IT, finance, HR, and supply chain”. 

RPA technologies have the ability to computerise repetitive tasks, removing them from the human employees’ workload and therefore boosting productivity, as well as general welfare and wellbeing.

WDG Automation, based in São José do Rio Preto, Brazil, is a provider of RPA, Intelligent Automation (IA), Interactive Voice Response (IVR) and chatbots. It markets its products at business users looking to create automations using a desktop recorder without the need for IT.

WDG’s software robots are able to run on-demand or by using an automated scheduler, depending on the customer’s needs.

The company’s founder and CEO Robson Felix called automation “crucial in the digital era, as businesses need to perform several repetitive or routine tasks so that employees are able to focus on innovation”.

“I’m incredibly proud of the role WDG Automation has played in the RPA market with a unified and integrated platform to help companies in Brazil increase their productivity,” he added.

WDG co-founder Kleber Rodrigues Junior said that |joining forces with IBM will scale our capabilities to a wider audience, helping companies around the world accelerate their growth on their business transformation journeys”.

Denis Kennelly, general manager of Cloud Integration at IBM Cloud and Cognitive Software, added: “IBM already automates how companies apply AI to business processes and IT operations so they can detect opportunities and problems and recommend next steps and solutions”. 

“With today’s announcement, IBM is taking that a step further and helping clients accelerate automation to more parts of the organization, not just to routine, but more complex tasks so employees can focus on higher-value work.”

The acquisition might signal a shift of priorities for IBM, which recently decided to “sunset” its general-purpose facial recognition and analysis software suite over ethical concerns following a fortnight of Black Lives Matter protests.

Last week, the company unveiled an AI-powered inventory control system to help businesses optimize their decision-making and build resilient supply chains more effectively.

AWS launches dedicated space business unit

Sabina Weston

1 Jul, 2020

Amazon Web Services (AWS) has announced that it’s introducing a new business segment that will aim to accelerate innovation in the global aerospace and satellite industry.

The Aerospace and Satellite Solutions unit will see AWS expand its services and solutions to the space enterprise sector by providing cloud solutions to support government missions and companies advancing space around the world.

The segment is to be headed by the former director of Space Force Planning at the US Space Force, major general Clint Crosier.

In a blog post announcing the launch, AWS VP Teresa Carlson said that the company is “excited to welcome” Crosier, who “has spent the last 33 years driving transformation and mission success across the space enterprise, and led the Defense Department’s efforts to stand up the U.S.’s newest military service”.

Crosier said that he had “watched AWS transform the IT industry over the last 10 years and be instrumental in so many space milestones”. 

“I am honored to join AWS to continue to transform the industry and propel the space enterprise forward,” he added.

AWS also unveiled Ground Station, a managed service that allows customers to downlink data as well as provide satellite commands across multiple regions. The company said that it is already being used by NASA’s Jet Propulsion Lab.

Rick Ambrose, executive VP of Lockheed Martin Space, an AWS partner, said “it’s exciting to see Amazon Web Services extend that experience to space, fostering collaborations with Lockheed Martin to help solve some of the world’s toughest problems”.

“Lockheed Martin’s innovation focus is driven by tomorrow’s space missions. We’ve supported missions to every planet, participated in every U.S. Mars mission and built hundreds of satellites, from GPS to weather. Together, we share a vision to help our customers access data faster, and gain new insights from sensors in space that make data even more accessible,” he said.

The announcement comes days after AWS took its machine learning-powered CodeGuru development tool out of preview and rendered it generally available.

Employees are overlooked in digital transformation processes, study claims

Sabina Weston

22 Jun, 2020

Just 5% of IT managers consider employees as their top priority when making technology investments, which stifles productivity and causes staff to become overwhelmed.

That’s according to a new study from Lenovo, which surveyed 1,000 IT managers from the UK, Netherlands, France, and Germany. 

The research that employees are often overlooked in the process of digital transformation, with the majority (62%) of respondents reporting that their investment decisions are entirely business-centric.

This leads to new technology slowing down processes instead of improving them, according to a fifth of employees. Lenovo suggests that, in order to experience the full potential of the newly-implemented technology, businesses should ask people-centric questions during the adoption process.

The study also found that flexible working policies introduced during the coronavirus pandemic provided employees with a greater level of support, signalling the emergence of a more people-centric approach. In fact, 70% of respondents have observed more emphasis within their organisation on responsible business.

President of Lenovo’s Data Center Group for EMEA Giovanni Di Filippo said that, although “organisations place greater emphasis on the wellbeing of their employees, (…) the study shows that this is only the beginning”.

“If there is a change of heart and mind within the industry, taking a people-first approach to IT adoption, we will see positive change for both organisations and wider society. Happier employees, greater productivity and a faster pace of innovation – these are the benefits of placing people at the centre of IT decisions,” he said.

However, for the time being, many employees still feel overwhelmed by the complexity and pace of digital transformation– almost one in two (47%) IT managers reported that users struggle to embrace new software.

According to Di Filippo, “data and technology cannot be transformative without humans bringing it to life and giving it purpose”.

“We want businesses to think human by investing in ‘Smarter Technology for All’. As for vendors – it’s time to think beyond what they make and consider who they make it for. If people are put first, we know the benefits and desired company outcomes will be great.”

The challenges presented by the coronavirus pandemic and resulting lockdown can also be credited with accelerating transformation plans, with digital technology enabling the overwhelmed NHS to keep providing vital services to millions of patients.

Privacy advocates urge Zoom to encrypt free video calls

Sabina Weston

17 Jun, 2020

Mozilla and the Electronic Freedom Foundation (EFF) have published an open letter to Zoom that urges it to make end-to-end encryption available for all users.

The letter, addressed to Zoom CEO Eric Yuan, criticises the company’s decision to offer end-to-end encryption only to paying users. 

It has been signed by 19,000 internet users and backed by tech organisations and advocacy groups including Fight for the Future and MPower Change.

Earlier this month, the video conferencing platform announced plans to roll out stronger encryption for businesses and institutions that pay for its service. 

Zoom’s security consultant Alex Stamos suggested that stronger security measures may also be rolled out for non-profit organisations or users in need of an extra layer of protection, such as political dissidents, but added that “the current plan is paid customers plus enterprise accounts where the company knows who they are”. 

The decision has garnered criticism from many tech companies and organisations, including Mozilla and the EFF. In the open letter to Yuan, they argued that “best-in-class security should not be something that only the wealthy or businesses can afford”.

“Around the world, end-to-end encryption is already an important tool for journalists and activists that are living under repressive regimes and fighting censorship,” wrote Mozilla’s Advocacy and Engagement VP Ashley Boyd and EFF’s associate director of Research Gennie Gebhart.

Boyd and Gebhert also criticised Zoom’s recent decision to suspend three user accounts at the request of the Chinese government for hosting meetings to commemorate the 21st anniversary of the Tiananmen Square massacre.

“Tools like Zoom can be critical to help protesters organize and communicate their message widely,” they wrote. “Activists should be able to plan and conduct protest-related activities without fear that these meetings, and the information they include, may be subject to interception. 

“Unfortunately, recent actions from law enforcement – and a long history of discriminatory policing – have legitimized such fears, making end-to-end encryption all the more critical.”

The letter acknowledged Stamos’s argument that full encryption for every meeting would leave Zoom’s trust and safety team unable to tackle child sexual abuse material (CSAM), but added that “restricting end-to-end encryption to paid accounts is not the right solution”.

Organisations such as Fight for the Future, MPower Change, Daily Kos, Kairos, Media Alliance and Jewish Voice for Peace have also launched a petition targeted at the video conferencing platform, arguing that “people who can’t afford Zoom’s services are left vulnerable to cyber-criminals, stalkers, and hackers”. It has been co-signed by 42,000 internet users.

Lau Barrios, campaign manager at MPower Change, said that “end-to-end encryption has always been a racial justice issue”.

“It most directly protects Black, brown, Muslim and poor communities from the disproportionate risk of surveillance, policing, and criminalization,” she said. 

“Zoom has already misled the public once on whether or not they use end-to-end encryption. Openly defending their refusal to provide it to those not wealthy enough to pay to protect themselves and their communities is unconscionable. And it’s a direct refusal to protect activists and organizers from surveillance in this moment.”

IBM Cloud suffers major global outage

Sabina Weston

10 Jun, 2020

IBM Cloud suffered a global outage last night, heavily impacting users who rely on the company’s cloud computing services such as Kubernetes and Red Hat.

Problems started to arise at around 10:30pm BST on Tuesday when users reported unresponsive websites to DownDetector

The company’s own status page was impacted by the outage due to it being hosted on the IBM Cloud. Its internal server error page read: “Sorry, we’ve encountered an error on our end, and our developers are working on clearing this up. Please try reloading the page or following these links back”. 

To the frustration of many users, IBM Cloud did not immediately address the outage. In the early hours of the morning, its Twitter account issued the following statement: “IBM Cloud services are being restored following a reported outage earlier today. We are focused on restoring full services as soon as possible.”

Jay Gilmore, customer success director at MODX Cloud, detailed his experience in reply to IBM Cloud’s tweet: “Communication in a customer crisis is a must. It was extra frustrating because the status page was unavailable, it took two hours for a single tweet about the issue and Notification Center wasn’t available because IAM was down.”

At 2:54am BST, IBM Cloud announced that the entirety of their services had “now been restored”. 

However, its users were not impressed. As one of them pointed out, IBM’s own IT Infrastructure page markets its IBM Z computer with the rhetorical question: “Can you afford even one hour of downtime?”

IBM Cloud’s outage lasted around four hours. At the time of writing, it is not known what caused the outage or how many people were affected by the downtime. 

The outage came only hours after IBM decided to “sunset” its general-purpose facial recognition and analysis software suite over ethical concerns following a fortnight of Black Lives Matter protests.

Despite putting a lot of efforts into developing its AI-powered tools, the cloud giant will no longer distribute these systems for fear that it could be used for purposes that go against the company’s principles of trust and transparency. 

Amazon sues former AWS VP over new Google Cloud role

Sabina Weston

9 Jun, 2020

Amazon has filed a lawsuit against former Amazon Web Services (AWS) VP of product marketing Brian Hall, alleging that his new role at Google Cloud fails to comply with the terms of his confidentiality agreement.

Hall signed the contract with Amazon in June 2018, but his lawyers argued that executives at the company, including former AWS VP of worldwide marketing Ariel Kelman, led him to believe the company would not enforce its non-compete provisions. 

According to court filings, Hall slams the clause as “overbroad, unreasonable, and unenforceable”, adding that his new role at Google Cloud “will not require him to use or disclose any Amazon confidential information”.

“To Hall, that was understandable: as drafted, the clause sweeps far more broadly than necessary to protect Amazon’s legitimate business interests,” the court filings state. 

“Kelman also told Hall that he had never seen Amazon attempt to enforce the clause against a marketing employee, even though several such employees had previously departed for similar positions at Amazon’s rivals. Hall accepted his position with Amazon in reliance on those representations.”

Amazon believes that Hall’s position at Google Cloud, one of AWS’ biggest rivals, could sabotage the confidentiality of Amazon’s competitive information.

The company is planning to enforce the non-compete provisions of Hall’s contract, banning him from working in cloud product marketing for Google, or any other AWS competitor, for 18 months.

According to Amazon, which filed the lawsuit on 18 May, Hall “helped develop and knows the entire confidential Amazon cloud product roadmap for 2020-21”.

“Virtually every day, Hall worked with Amazon’s most senior cloud executives to create and execute those plans. As a result, he was entrusted with an unusually broad view into Amazon’s cloud product plans; its priorities; and its competitive strategy”, the filing reads.

The case could set a precedent for the treatment of similar non-compete provisions which, until now, most often concerned employees in the engineering sector, and not marketing leaders.

The news of the lawsuit comes days after SpaceX CEO Elon Musk blasted Amazon and its founder, Jeff Bezos, on Twitter, telling the company that “monopolies are wrong”

Dell Technologies launches new HPC systems to boost AI workloads

Sabina Weston

2 Jun, 2020

Dell Technologies has announced the launch of two new high-performance computing (HPC) solutions to help businesses run powerful artificial intelligence (AI) workloads in VMware environments and speed up digital transformation projects.

The new Dell EMC Ready Solutions are based on VMware Cloud Foundation and aim to help companies gain AI insights using the combination of Dell EMC systems and new features of VMware vSphere 7, including Bitfusion.

Tom Burns, senior VP of Integrated Products & Solutions at Dell Technologies, called AI a “game-changer” but added that the company’s customers are “lagging behind in adoption because they’re dealing with skills and infrastructure gaps”.

“We’re bringing together the power of Dell Technologies to help customers simplify the process of running AI workloads at scale in their familiar VMware environments,” he said.

The first Dell EMC Ready Solution is a GPU-as-a-Service (GPUaaS) designed to free up accelerator access by creating virtual graphics processing unit (GPU) pools. The system uses the latest VMware Cloud Foundation with VMware vSphere 7 support for Kubernetes and containerised applications in order to run AI workloads anywhere. The containers facilitate bringing cloud-native applications into production with the ability to move workloads as needed.

The second solution, for Virtualized HPC (vHPC), assists and economises the use of VMware environments for demanding HPC and AI applications in fields such as computational chemistry, bioinformatics and computer-aided engineering.

According to a recent study conducted by Forrester Consulting, Dell EMC Ready Solutions for vHPC is capable of delivering up to 18 times faster AI model development. It also delivers up to 20% faster hardware configuration and integration than self-installation and will provide an estimated return on investment of up to 111%.

Arthur Lewis, president of Server & Infrastructure Systems at Dell Technologies, explained in a blog post that “the Dell EMC Ready Solutions for AI: GPU-as-a-Service were designed for those who are just starting their AI journey or who already run smaller AI operations”, while “the Dell EMC Ready Solutions for vHPC were designed for those who want to advance their AI journey by virtualizing their high-performance computing workloads easily using the latest version of vSphere”.

The Dell EMC Ready Solutions for AI: GPUaaS and Dell EMC Ready Solutions for vHPC are available globally now, while the factory installation of VMware vSphere with BitFusion will only become available worldwide on Dell EMC PowerEdge servers next month.

Zoom will offer stronger encryption for paid accounts

Sabina Weston

1 Jun, 2020

Zoom is planning to roll out stronger encryption for businesses and institutions that pay for its service.

Zoom’s security consultant Alex Stamos, who was poached by the company in early April, has confirmed the news but added that the plan was subject to change.

According to Reuters, Stamos has not yet decided whether stronger security measures could also potentially be rolled out for non-profit organisations or users in need of an extra layer of protection, such as political dissidents.

“At the same time that Zoom is trying to improve security, they are also significantly upgrading their trust and safety,” Stamos told The New York Times in an interview published yesterday.

“The CEO is looking at different arguments. The current plan is paid customers plus enterprise accounts where the company knows who they are.”

He added that providing full encryption for every meeting would leave Zoom’s trust and safety team unable to add itself as a participant in gatherings to tackle abuse in real-time.

Zoom hired former Facebook security chief Stamos following numerous security incidents which threatened the immense popularity of the video conferencing platform, such as ‘Zoom-bombing’, which led to numerous companies and institutions banning the use of the platform.

Zoom attracted millions of users and became the most popular video conferencing platform globally. With the majority of its audience using the free version of the platform, Zoom might be trying to increase the number of its paid users and regain the trust of businesses by promising a higher level of security for its paid subscription models.

However, a similar announcement from Facebook, which plans to implement end-to-end encryption across all of its messaging systems, has garnered criticism from its shareholders.

Zoom had been previously criticised for not using end-to-end encryption despite specifically stating that it does on its website. The company finally implemented the 256-bit AES-GCM encryption standard in late April.