Google Cloud Platform (GCP) has developed a software service to help organisations handle massive data transfers between on-premise locations and the cloud faster and more efficiently than existing tools.

The tool has been designed for organisations that need to undergo large-scale data transfers in the region of billions of files, or petabytes of data, between physical sites to Google Cloud storage in one fell swoop.

GCP’s Transfer Service for on-premises data, released in beta, is also a product that allows businesses to move files without needing to write their own transfer software or invest in a paid-for transfer platform.

Google claims custom software options can be unreliable, slow and insecure as well as being difficult to maintain.

Businesses can use the service by installing a Docker container, with an agent for Linux, on data centre computers, before the service co-ordinates the agents to transfer data safely to GCP storage.

The system makes the transfer process more efficient by validating the integrity of the data in real-time as it gradually shifts to the cloud, with an agent using as much available bandwidth to reduce transfer times.

The data transfer service is a larger-scale version of tools such as gsutil, a cloud transfer service also developed by Google, which is unable to cope with the scale of data that Transfer Service has been designed to handle.

The firm has recommended that only businesses with a network speed faster than 300Mbps use its Transfer Service, with gsutil sufficing for those with slower speeds.

Customers also need a Docker-supported 64-bit Linux server or virtual machine that can access the data to be transferred, as well as a POSIX (Portable Operating System Interface)-compliant source.

The product is aimed squarely at enterprise users, and comes several weeks after the company announced a set of migration partnerships aimed at customers running workloads with the likes of SAP, VMware and Microsoft.

Brace yourselves, because I’m about to share a theory that may be a little unpopular: I believe it’s only a matter of time before Microsoft Azure overtakes AWS as the dominant force in the world of public cloud. 

I know that may sound crazy, and many of you are probably already reaching for the ‘close tab’ button, but hear me out. 

It’s no secret that Bezos’ cloud computing division is currently sitting pretty as market leader, having capitalised incredibly effectively on its first mover advantage while its’ rivals initial efforts stalled. By cementing its reputation as the biggest force in the cloud industry, it has attracted a number of high-profile customers, but it has struggled to make a major splash within large, established enterprises. 

You know who hasn’t, though? Microsoft.

While AWS has always been a favourite of startups and developers, Microsoft has concentrated firmly on the enterprise and met with remarkable success. To sweeten the deal, Microsoft has also been busily releasing a number of business-friendly features, such as its Azure Arc platform, which is designed to make it easier to consume and deploy its services across a large enterprise estate. In fact, any time I’ve spoken to a CIO who hasn’t yet moved to the cloud but is planning to, Azure has been a key part of their roadmap.

The stated reason for this is usually “well, it works with all of our existing systems”, which is a simple yet compelling point; if your on-prem servers are primarily running workloads like Active Directory, SQL Server and Exchange Server instances, opting for Microsoft’s cloud platform is sort of a no-brainer. Add in the fact that most large businesses are likely to be using Microsoft’s Office and Windows software (and even potentially Windows Server) and the logic becomes apparent.

More importantly, however, Microsoft has learned how to play nicely with others. Azure has always been a more open platform than most have given it credit for, but the addition in recent years of full native support for the likes of Linux and VMware show just how far it’s come. It’s making a real effort to be as flexible as possible, allowing customers to run the workloads that they want in the way they want to run them. 

This includes multi-cloud environments, which is the new hotness for businesses that want to avoid vendor lock-in and increase redundancy protection. Microsoft is more than happy to support multi-cloud deployments, if that’s what the customer wants. 

Amazon? Not so much. As we discussed on a recent episode of the IT Pro Podcast, there have been recent reports that suggest that AWS partners are banned from even using the term multi-cloud, presumably on the basis that – as the current top of the pile – giving customers the option of using multiple providers only increases the risk that they’ll ditch AWS for a better option. Note that in that scenario, the emphasis is not so much on giving customers the best possible option but on trying to hide from them the fact that other providers exist.

Amazon is undoubtedly on the cutting edge as far as tech development goes; its pioneering work on machine learning, serverless computing and function as a service tools are evidence enough of that. It’s enterprise support that will determine the true winner of the cloud wars, however, and in this area, AWS is leagues behind Microsoft.

Lloyd’s of London has secured £300 million to fund a digital transformation overhaul to cut its costs and streamline its processes.

A major part of this overhaul, dubbed Blueprint One, will involve the creation of new digital platforms.

A “digital end-to-end platform” will be used to create a portal and a suite of services for handling complex risks in the insurance and reinsurance market, with the goal of supplementing face-to-face negotiations.

APIs will also be used to help connect the platform to insurance brokers’ own systems, while centralised tools such as a tax calculator and compliance checker will help simplify processes. The platform will be supported with information taken from a common data platform.

A digital Lloyd’s risk exchange will also be created for handling less complex risk agreements at high volumes, allowing for brokers to easily create and purchase policies, while also accessing Lloyd’s products and services. To speed up the placement of risks and reduce their costs, algorithms will automatically rate the risks. Again, a centralised tax calculator, compliance checker, and data platform will help ensure risks are created effectively and above board.

“The risk exchange will build on the market’s current investment in e-trading platforms and other technologies to digitise the placement of less complex risks. It will not replace these systems, but will integrate them so they are compatible,” explained the Blueprint One document. “This will benefit market participants by giving them access to a wider customer base, enabling them to leverage the Lloyd’s brand, its global distribution network, economies of scale and lower costs.” 

A suite of other proposed changes, which will be funded by debt rather than charges made on the market’s members, come in response to poor performance and complaints around the high cost of doing business with Lloyd’s of London. 

As such, the digital transformation process, which will enter its first phase next year, is not just a way for Lloyd’s of London to improve internally but to also help bolster its insurance market. 

“This first Future at Lloyd’s blueprint marks an exciting new chapter for Lloyd’s. It sets out how we are going to combine data, technology and new ways of working with our existing strengths to transform the culture we work in and everything we do – from placing risks and paying claims to attracting capital and developing new products,” said Lloyd’s of London’s CEO John Neal. 

This is yet another example of a long-established organisation undergoing a digital transformation doctrine. But such projects vary in scale, with Lloyd’s of London’s Blueprint One being a major undertaking, while other projects can be of a smaller scale, such as the Department for Transport’s goal to create a digital transport data mapping tool. 

Some projects can be rather different altogether, such as Massachusetts Police’s use of Boston Dynamic robot dogs to sniff out bombs and explore hazardous areas.

Yet regardless of size and scope, there’s a healthy appetite for digital transformation in all manner of organisations and industries, with the goal of taking the latest technology and using it to streamline or redefine how an organisation operates.

Google has revealed the most searched for terms and questions in 2019, with its Year in Search, with the UK taking a bigger interest in the Rugby World Cup than Brexit.

The most searched for term in the UK for 2019 was the aforementioned Rugby World Cup, followed by the Cricket World Cup, and then Game of Thrones.

The search results are largely explained by a strong British showing in both tournaments, while the incredibly popular HBO series Game of Throne came to an end after eight seasons in May, with tensions and plotlines ramping up.

However, both the term Chernobyl and Thanos took the fourth and fifth positions respectively. Those results are a little more surprising, as, given the heavy media coverage of Brexit and other governmental machinations, one could be forgiven for thinking that ‘Brexit’ would be a highly searched term, but in the end, it failed to even make the top ten list for Google searches in the UK.

In fact, no political terms made it into the top 10 list, with the likes of the iPhone 11 and Caitlyn Jenner proving more popular than Boris Johnson or Jeremy Corby. Neither did Extinction Rebellion get a look in, despite the protests and demonstrations in the year gaining high-profile coverage, as well as support and equal measures of condemnation.

When it came to the most searched for news events, ‘revoke Article 50 petition’ came in third place, behind the ‘iPhone 11’ and ‘Notre Dame’ at the top spot.

As for the questions being asked by the Google Search users in the UK, ‘how to watch Champions League Final’, ‘how to watch Game of Thrones’ and ‘how to floss dance’ took the first, second, and third positions respectively.

‘How to register to vote’, seemingly pertinent given the General Election on Thursday 12 December, came in eighth place, being beaten by ‘how to eat a pineapple’.

While IT Pro endeavours to bring you the latest IT news and its effect on the UK public sector, politics and society, it would appear that many of Britain’s Google Search users are more interested in finding out about subjects that matter to them in the here and now, rather than longer-term effects of politics and technological change.

Swedish telecoms giant Ericsson has settled with US authorities on charges including bribery, shelling out more than $1 billion (£759m) to avoid prosecution – one of the largest such settlements to date.

The US Department of Justice (DoJ) was investigating Ericsson under the Foreign Corrupt Practices Act (FCPA) that bans companies listed on US stock exchanges from bribing foreign officials, accusing it of making and improperly recording tens of millions of dollars in “improper payments” around the world.

Ericsson admitted that from 2000 and 2016 employees paid bribes to government officials to help win contracts in five countries – Djibouti, China, Vietnam, Indonesia and Kuwait – covering up that activity via false accounting records, sham contracts and fake invoices.

An Ericsson subsidiary pleaded guilty to bribery as part of the deal.

“Today, Swedish telecom giant Ericsson has admitted to a years-long campaign of corruption in five countries to solidify its grip on telecommunications business,” said U.S. Attorney Geoffrey S. Berman of the Southern District of New York. “Through slush funds, bribes, gifts, and graft, Ericsson conducted telecom business with the guiding principle that ‘money talks.’ Today’s guilty plea and surrender of over a billion dollars in combined penalties should communicate clearly to all corporate actors that doing business this way will not be tolerated.”

According to the DoJ, between 2010 and 2014, Ericsson paid $2.1 million in bribes in Djibouti to help the company win a contract worth €20.3 million to modernise the state-owned telecoms company. The money was sent via a consulting company – the owner of which was married to a government official – and hidden via fake invoices. A similar system was used to pay $450,000 to help it win a contract in Kuwait worth $182 million between 2011 and 2013.

In Vietnam, again according to the DoJ, Ericsson’s subsidiaries paid $4.8 million to a third-party consulting firm to set up a slush fund to pay off companies that the company wouldn’t be able to directly hire because of the company’s due diligence processes; the money was “mischaracterised” in the company’s books. A similar system was used in Indonesia to set up a $45 million slush fund, the investigators said.

And in China, between 2000 and 2016, Ericsson’s subsidiaries paid tens of millions for travel and entertainment for government officials, including some that worked at state-owned telcos, and also made payments for sham contracts with providers in the country for “services that were never performed”.

Don Fort, the chief of criminal investigation at the Internal Revenue Service tax agency, said a lack of compliance and internal controls at the company made it easier for executives and other employees at Ericsson to offer bribes and falsify accounting records.

“Ericsson’s corrupt conduct involved high-level executives and spanned 17 years and at least five countries, all in a misguided effort to increase profits,” said Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, adding that the “strong response from law enforcement” should deter other companies from doing the same.

Under the agreement, the DoJ will defer prosecution of Ericsson and dismiss all charges after three years if the company complies with the rest of the conditions, which include reforming its compliance and submitting to an independent compliance monitor. As part of the deal, Ericsson Egypt pleaded guilty to the Djibouti bribery charges.

The company noted that the payment of $1.06 billion is fully covered by $1.2 billion set aside in the third quarter of 2019. Half of that bill is a criminal fine, the DoJ said, while the other half will be paid to the US Securities and Exchange Commission for related civil charges.

The DoJ noted that the criminal penalty half of the fine had a 15% reduction because Ericsson had partially cooperated with the investigation – though it was criticised for failing to disclose allegations of corruption, not producing materials in a timely manner, and failing to “take adequate disciplinary measures with respect to certain employees involved in the misconduct”.

According to reports, in a conference call CEO Borje Ekholm said the company wanted to move forward. “Certain employees in some markets, some of whom were executives in those markets, acted in bad faith and knowingly failed to implement sufficient controls,” Ekholm said. “I view what has happened as a completely unacceptable and hugely upsetting chapter of our history.”

The SEC has previously fined a wide range of companies under the FCPA, including a $6.3 million settlement with Barclays over hiring practices in Asia, $11.7 million from Juniper Networks to “resolve violations” of accounting and recordkeeping in China and Russia, and $1.78 billion from Petroleo Brasileiro over a bribery and bid-rigging incident.

Members of an online forum have developed a tool that could be used to bypass eligibility checks for Windows 7 extended support and receive free updates after the OS reaches end-of-life.

Only a handful of Windows 7 users can continue to receive updates from Microsoft through its paid-for Extended Support Updates (ESU) programme after 14 January, through to January 2023.

This scheme was first introduced for enterprise customers in August and later extended to SMB users after Microsoft identified “challenges in today’s economy”.

The ESU programme is not available to all businesses, however. Users on tech support platform My Digital Life have therefore developed a prototype tool that could theoretically allow ineligible businesses to continue to receive free updates beyond 14 January.

Before ESU patches are beamed to eligible machines, Windows 7 performs a check to determine whether or not users can receive these updates. This involves the installation and activation of an ESU license key. The created tool bypasses this eligibility check, which is only performed during installation, so users would, in theory, continue to receive Windows 7 updates for free through the ESU scheme without paying an ESU subscription.

The bypass was tested on the Windows 7 update KB4528069, a dummy update which was issued to users in November so they could verify whether or not they were eligible for extended support after 14 January.

Although the tool has worked on the test patch, its creators urged My Digital Life forum members to consider this as a prototype, and not a fully-fledged workaround, as things may change by February 2020.

Microsoft will be keen to ensure there aren’t any ways to undermine the ESU scheme once Windows 7 reaches end-of-life due to the sums it’s charging eligible businesses, and an ultimate desire to shift machines to Windows 10.

The firm is likely to change the way the eligibility check is performed given how simple it’s been proven to bypass.

It’s certainly not a tool that Microsoft is likely to condone, but it does demonstrate the extent to which Windows 7 is still popular as users are trying to retain undisrupted access to the legacy OS.

Businesses have just weeks to upgrade their devices running Windows 7 and Windows XP or face restrictions on accessing critical security updates.

Microsoft has devised a phishing campaign dashboard for its Office 365 Advanced Threat Protection (ATP) module to give customers a broader overview of phishing threats beyond just individual attacks.

The newly-announced ‘campaign views’ tool provides additional context and visibility around phishing campaigns. This aims to give businesses under constant threat from phishing attempts a fuller story of how attackers came to target an organisation, and how well attempts were resisted. 

Security teams with access to the dashboard can see summary details about a broader campaign, including when it started, any activity patterns and a timeline, as well as how far-reaching the campaign was and how many victims it claimed. 

The ‘Campaign views’ tool also provides a list of IP addresses and senders used to orchestrate the attack, as well as the URLs manifested in the attack. Moreover, security staff will be able to assess which messages were blocked, delivered to junk or quarantine, or allowed into an inbox.

“It’s no secret that most cyberattacks are initiated over an email. But it’s not just one email – it’s typically a swarm of email designed to maximize the impact of the attack,” said Microsoft group program manager with Office 365 security Girish Chander. 

“The common pattern or template across these waves of email defines their attack ‘campaign’, and attackers are getting better and better at morphing attacks quickly to evade detection and prevention. 

“Being able to spot the forest for the trees – or in this case the entire email campaign over individual messages – is critical to ensuring comprehensive protection for the organization and users as it allows security teams to spot weaknesses in defenses quicker, identify vulnerable users and take remediation steps faster, and harvest attacker intelligence to track and thwart future attacks.”

Office 365’s ATP tool is an email filtration system that safeguards an organisation against malicious threats posed by email messages, links and any collaboration tools. 

With the additional information at hand, Microsoft is hoping that security teams within organisations can more effectively help compromised users, and improve the overall security setup by eliminating any configuration flaws. 

Related campaigns to those targeting the organisation can also be investigated, and the teams can help hunt down threats that use the same indicators of compromise.

The ‘campaign views’ dashboards are available to customers with a suite of Office 365 plans including ATP Plan 2, Office 365 E5, Microsoft 365 E5 Security, and Microsoft 365 E5.

These new features have started rollout out into public preview, with Microsoft suggesting the features are expected to be available more generally over the next few days and weeks.