Welcome to the 13th issue of IT Pro 20/20.

January always brings with it the Consumer Electronics Show (CES), which serves as a showcase of emerging technology and helps set the tone for the coming year. Although 2021’s roadshow felt a little anaemic, as it was forced online for the first time, it still did the job of creating a much-needed distraction.

A part of this month’s issue covers some of our highlights of the event. CES is always a mix of technology that seeks to break the mould, and technology that reflects the zeitgeist. We saw plenty of the usual suspects, with new PC hardware, IoT technology, and new breakthroughs in TV design capturing the spotlight as they always do. Yet a great deal of technology also sought to capitalise on the pandemic, or at least the greater emphasis on remote work.

It’s important to remember that there’s plenty of innovation going on outside of CES. January also saw the release of the Raspberry Pi Pico, an even smaller addition to the already tiny family of miniature computers. The device is built from a new microcontroller technology, boasts a wide range of programmable I/O options, and supports a wide range of peripherals. We take a look at its design and use cases to see what all the fuss is about.

While the new year has brought with it shiny new toys to play with, many of you may also be feeling that same need for change in your careers. Ongoing economic disruption has made it more difficult to transition away from comfortable work and, likewise, has forced businesses to think carefully about what roles and skills they need in order to flourish. We’ve taken a look at the current market to help job seekers make sense of what skills are in demand, and help businesses create a future-proof hiring strategy.

The next IT Pro 20/20 will be available on 26 February – previous issues can be found here. If you would like to receive each issue in your inbox as they release, you can subscribe to our mailing list here.

Amazon has announced an update to Lex, its conversational artificial intelligence (AI) interface service for applications, in order to make it easier to build bots with support for multiple languages.

Lex is the cloud-based service that powers Amazon’s Alexa speech-based virtual assistant. The company also offers it as a service that allows people to build virtual agents, conversational IVR systems, self-service chatbots, or informational bots.

Organizations define conversational flows using a management console that then produces a bot they can attach to various applications, like Facebook Messenger.

The company released its Version 2 enhancements and a collection of updates to the application programming interface (API) used to access the service.

One of the biggest V2  enhancements is the additional language support. Developers can now add multiple languages to a single bot, managing them collectively throughout the development and deployment process. 

According to Martin Beeby, principal advocate for Amazon Web Services, developers can add new languages during development and switch between them to compare conversations.

The updated development tooling also simplifies version control to track different bot versions more easily. Previously, developers had to version a bot’s underlying components individually, but the new feature allows them to version at the bot level.

Lex also comes with new productivity features, including saving partially completed bots and uploading sample utterances in bulk. A new configuration process makes it easier for developers to understand where they are in their bot’s configuration, Beeby added.

Finally, Lex now features a streaming conversation API that can handle interruptions in the conversation flow. It can accommodate typical conversational speed bumps, such as a user pausing to think or asking to hold for a moment while looking up some information.

A row has reportedly broken out within the government over cloud computing contracts given to Amazon. 

Around £75 million worth of contracts for web hosting, software and support services were awarded to Amazon Web Services (AWS) last year, according to The Telegraph.

That’s reportedly almost double the amount of the next cloud-provider, French firm Capgemini, which was awarded £42 million. This has started to create a divide within the Tory party with some concerned that the government is too dependent on one service.

Speaking at a UKCloud roundtable, Conservative life peer, Lord Holmes, said the tech giant represented  “the latest iteration of the biggest player”, adding that in regards to cloud procurement, it was being allowed to “eat the largest piece of pie”.

Lord Maude, the former minister for the Cabinet Office, also spoke out about the AWS contracts. 

“When it comes to hosting, we’ve regressed into allowing a small group, and one vendor, in particular, to dominate,” he said, according to The Telegraph. “If you take a view of the government as simply as a customer, it makes absolutely no sense for the government to be overly dependent on one supplier. No one would sensibly do that.”

AWS is only directly responsible for less than 1% of what the UK’s public sector spends on IT, but it generates around £8.7 billion in economic value. The firm is the biggest global provider by market share and recent research from Canalys suggested it received more business spend in Q3 of 2020 (32%) than its two closest rivals Microsoft (19%) and Google Cloud (7%). 

Some have pointed out that the likes of AWS are actually helping smaller UK businesses to win government contracts. According to Daniel Korski, co-founder of GovTech firm Public, it is actually helping power some of the most exciting and creative businesses in the country. 
 
“It’s tempting to set up large US cloud providers against small UK startups,” Korski said. “But that totally misses what’s actually going on. Major cloud providers are enabling a new generation of British startups to bid for government contracts as they provide a secure platform to deliver services which government trusts. Before them, startups had few chances of offering products to the government.” 
 
It is also worth noting that AWS recently signed a Memorandum of Understanding with the government to provide digital skills across the civil service and actually increase the diversity of its suppliers by helping smaller businesses to take part in these types of public sector contract. 
 
The government has also put strategies in place that prevents dependence on one supplier, in the form of a green paper published in December. However, there should also be no “outright protectionism”, according to Robert Colvile, director of the Centre for Policy Studies think tank, where gov isn’t “buying British purely for the sake of it”.  

“When you look at how important cloud computing has been to the rollout of the furlough scheme, or the expansion of Universal Credit, or the NHS’s response to the pandemic, it’s clear that the priority – as with all our procurement – should be to get the best quality at the best price,” he said.

IBM has ditched subscription-based cloud pricing in favour of a ‘pay as you go’ scheme as it continues to transform its central focus to cloud provision.

With the Cloud Pay as you Go with Committed Use model, customers will need to negotiate a certain amount of cloud usage they’d be committing to pay for month after month, as well as discounted pricing. 

IBM’s main selling point for its new cloud pricing model is that customers won’t be met with penalties for using more than is expected. Instead, customers will be charged at the normal discounted rate they’ve negotiated for their expected cloud usage.

“With this billing model, you commit to spend a certain amount on IBM Cloud and you also receive discounts across the Cloud platform,” said Amit Patel, offering management, direct sales and Haley Lucey, IBM cloud content experience.

“You are billed monthly based on your usage, and unlike a subscription, you continue to receive a discount even after you reach your yearly committed amount.”

The change comes after another mixed round of financial results for the computing giant, with a 10% surge in cloud growth overshadowed by the sharpest overall revenue decline in five years. 

IBM’s cloud business earned $7.5 billion during Q4, with revenue from Red Hat also increasing by 19%. However, this wasn’t enough to raise overall revenues, which dropped 6% between October and December. 

The pivot to pay as you go pricing is also part of a wider shift in pricing strategy, with IBM also announcing last week that it’s raised the prices of its Enterprise Plan for Db2 on Cloud programme from January 2021. 

The console user experience is also getting an overhaul, IBM says, with changes including visualisation of progress towards a cloud commitment, with ways to identify any discount, spending progress and remaining time on a commitment. 

Customers can also look at their spending break down, month by month, as well as a detailed usage dashboard for each specific calendar month.

Google Cloud has announced a new tool for managing large fleets of virtual machines (VMs).

The VM Manager is a suite of infrastructure management tools which aims to simplify the process of ensuring the security, compliance, and observability of large VM fleets as businesses scale their operations.​

The suite supports Windows and Linux operating system environments and comprises a single dashboard to allow real-time tracking of inventory.

It offers services such as configuration management and patch management, with the latter including patch compliance reporting, which provides insights on the patch status of users’ VMs across Windows and Linux distributions. It also includes patch deployment, which automates the OS and software patch update process, the company explained in a blog post on Thursday.

Lastly, VM Manager also includes an inventory management service which is integrated with Google’s Cloud Asset Inventory product, in order to simplify the analysis of customers’ Google Cloud fleet data.

Announcing the new management tool, product manager Ravi Kiran Chintalapudi and product marketing manager Senanu Aggor said that the new suite “reduces complexity, improves security and compliance reporting, and simplifies monitoring resources in a large cloud environment”.

“By taking advantage of automated tools to keep systems up-to-date, reduce the risk of downtime, and improve productivity of internal users, early VM Manager users tell us that it allows their IT administrators to focus on other business-critical tasks,” they added.

VM Manager is available for testing in the customers’ environment using a free tier which provides a monthly usage of 100 VMs per Cloud Billing account. Once the free tier is exhausted, for all VMs that have an active OS Config agent, each active agent is charged at a rate of $0.003 (approximately £0,002) per hour per VM.

IT Pro has contacted Google Cloud about the availability of VM Manager in the UK and will update this article when more information becomes available.

Last year, the company announced Confidential VMs – Google Cloud’s first product in its new confidential computing portfolio which allows companies to process sensitive data while keeping it encrypted in memory. The feature is an evolution of its Shielded VMs, a tool launched in 2018 that companies could deploy to strip out most of the potentially vulnerable startup processes that trigger when attempting to create a new environment.

Until then, like many cloud providers, Google offered encryption on data at rest and while in transit, requiring that data to be decrypted before it could be processed.

Apple is reportedly planning to roll out its new App Tracking Transparency tool sometime in “early spring”, following months of delays and criticism from competitors.

The tool forces app developers to ask an iPhone user’s permission before the app tracks their activity “across other companies’ apps and websites”. The user will see a notification pop-up on their screen and will be able to decide whether they want to opt in or out of sharing their data with other firms to aid in advertising.

​

The App Tracking Transparency marks a significant change to Apple’s privacy settings, shifting the responsibility from the user to the app developer. Apple previously only let users disable this kind of tracking manually in their iPhone settings.

The update was first announced in June last year but was delayed in September in order to provide digital advertisers with more time to adjust.

According to Reuters, the tool is now expected to be rolled out for most iPhone users as soon as “early spring”, but Apple didn’t provide a specific date. CEO Tim Cook is expected to provide further details later today at the Computers, Privacy and Data Protection conference in Brussels, which coincides with Data Protection Day.

The update has received criticism from other tech giants, with Facebook executives telling investors on Wednesday that the change could have a negative effect on the company’s revenues in the first quarter. Facebook CEO Mark Zuckerberg also accused Apple of having “every incentive to use their dominant platform position to interfere with how our apps and other apps work”.

Earlier this week, Google said that it would cease using an Apple-supplied tracking identifier which would require it to show the warning. However, it also added that it is working with Apple to improve an alternative offering which would help advertisers attribute paid clicks and taps without engaging in what Apple classifies as tracking.

Google also recently released a new tool which would improve users’ privacy. On Monday, it announced that Chrome will now automatically hide the content of web pop-up notifications, including email notifications, Google Chat messages, and other third party websites, when the user is sharing their screen. 

​

The COVID pandemic has changed many aspects of IT, including how businesses manage their digital assets. For many organisations, Active Directory (AD) has for many years been a workhorse that could be depended upon when most of their workforce was centrally located, however the move to mass remote working means it’s vulnerable to cyberattacks. Nevertheless, it remains a critical support mechanism for each worker connected to a company’s network, which leaves IT teams in a tricky situation.

According to Gartner, over 90% of businesses and organisations use AD, and it has become one of the most valuable assets they possess. However, as the business environment AD is used to manage has become more complex and geographically dispersed, the way it’s deployed in most organisations must change.

Businesses have also had to re-evaluate and redraw their digital transformation roadmaps to take into consideration how their processes have changed and what this means for their more comprehensive strategic planning. And while bring your own device (BYOD) has long been a security issue for organisations, the upheaval the pandemic has delivered opens a new series of logistical, human resource, and security challenges, as devices – both company and employee-owned – proliferate.

“Active Directory is like the spinal column of an enterprise and it must be closely protected,” explains Matt Lock, technical director at data security firm Varonis. “If an attacker manages to seize control of AD, they effectively hold the keys to an organisation’s digital kingdom and have privileged access throughout the domain, where they can cause serious damage.”

The cloud has played a critical role in enabling businesses to scale and manage digital assets using AD as the primary management hub. However, companies’ current deployments are likely to become fragile and vulnerable to attack; whereas until last year IT departments had a clear sight of each asset within a business and who has what level of access privileges, this view has moved out of focus with the sudden shift to mass remote working. 

What’s needed is a new approach beginning with migrating AD to a cloud service. Performing this migration gives businesses a more detailed view of your asset landscape and enables higher levels of security to be deployed and maintained.

AD transformation

For most organisations, asset management pre-COVID was a relatively straightforward exercise in user and device tracking. Now the working and threat perimeter has moved to the homes of their workforce, keeping track of the entire IT estate and ensuring high levels of security are maintained has become much more complex. Migrating AD to the cloud can deliver more oversight and integrated support to users who need this to secure their equipment and network connections.

Dan Conrad, field strategist at One Identity, tells IT Pro: “Since the rollout in 2000, AD has changed significantly and the impact of Zero Trust campaigns will change this further. At its core, AD is an SSO (Single Sign-On) solution designed for an easy user experience by providing easy access to objects. Active Directory and Azure Active Directory (AAD) have changed the game a bit by still providing the good user experience but detaching some of the vulnerabilities. For instance, the idea of joining every corporate system to the AD is no longer necessary. AAD and solutions such as Intune allow management of the systems without the vulnerability that goes with every system being ‘trusted.’” 

Many companies see the continued migration of AD to the cloud as the solution to the issues they face managing the array of assets their businesses use. With security front of mind, migrating an AD to a cloud platform can deliver a level of insulation from some cyberattacks.

The holistic approach to managing what could be a diverse range of devices now being used across your business, requires your control and security systems to change. Businesses are increasingly creating domain-joined and BYOD/non-domain-joined systems to give themselves the maximum flexibility with the assets their staff uses, simultaneously delivering a security infrastructure that is more resilient than a simple cloud or on-prem solution.

The business of consumerisation

The threat surface all businesses now face requires a new approach to network management and device security. As early as March 2020, IDC predicted that within two years, over 90% of enterprises worldwide will have a hybrid cloud deployment. As the COVID-19 pandemic took hold, there has been a rush to implement this approach, with businesses being pushed to radically alter how they manage their workforces and the technologies and services they use.

Rajesh Ganesan, vice president at ManageEngine, tells IT Pro: “A cloud-native hybrid IT infrastructure helps organisations respond to change and uncertainty better. That said, even as organisations move to a cloud-first or cloud-dominant approach, it’s important that application, infrastructure, and data security are not compromised.”

Alastair Pooley, CIO of Snow Software, adds: “As we switch to more SaaS applications, you either need to use Azure Active Directory (along with the relevant licenses) or something like Okta to provide that single sign on experience to your staff. Either approach allows you to maintain a corporate directory to control access to resources. It is worth noting that you should re-examine your endpoint security, as traditional group policy (GPO) doesn’t deliver for remote workers. Microsoft’s Defender ATP coupled with Intune is a powerful combination but again you need new licenses to deliver that.”

How your business will manage its human resources and digital assets in a post-COVID-19 environment remains to be seen, as enterprises have yet to make firm plans regarding where the vast majority of their employees will work from. Some workers will return to centralised offices. 

However, a high percentage will remain as remote workers. In this scenario, putting place a flexible and secure system to manage your company’s assets is a sensible move. The agility migrating AD to the cloud can deliver is a desirable option. Review your business’s asset management as it stands today. With some realistic forward planning, you will be able to create bespoke asset management protocols that are right for your staff, and the long-term security of your business.

Microsoft brought in revenues of $43.1 billion for the second quarter of fiscal 2021, a 17% year-on-year increase that was fueled by businesses’ continued demand for cloud services. 

The company reported that Office commercial products and cloud service revenues increased by 11%, with Office 365 commercial revenue up 21% and Microsoft 365 consumer subscriptions increasing from 45.3 million to 47.5 million. 

Microsoft has reported impressive growth reported across almost all its services throughout 2020. At the very beginning of the pandemic, the firm reported massive adoption figures for Microsoft Teams which surpassed 44 million daily active users. 

For Q2, cloud computing services took centre stage. Dynamics 365 revenue was up 39%, Intelligent Cloud climbed 23% and Microsoft’s server business recorded growth of 23%. As a result, its Azure cloud platform grew 50% year-over-year, the company said.

“What we have witnessed over the past year is the dawn of a second wave of digital transformation sweeping every company and every industry,” said Microsoft CEO Satya Nadella. 

“Building their own digital capability is the new currency driving every organisation’s resilience and growth. Microsoft is powering this shift with the world’s largest and most comprehensive cloud platform.”

Elsewhere, Microsoft reported a 23% increase in LinkedIn revenue, and Windows Commercial and Surface growth of 10% and 3$, respectively. The biggest increase, however, was its Xbox content and services revenue, which climbed by 40% during the three-month period. 

The results showcase the breadth of services Microsoft offer and how well it has responded to the outbreak of COVID. Compared to other cloud providers, such as IBM, the company has seen increases in almost every segment of its business. 

The growth in Azure, and cloud services, in particular, suggest that remote working is likely to continue, even beyond a full rollout of the coronavirus vaccine. 

Accenture and Salesforce have expanded their partnership to help companies embed sustainability into their business, meet growing end-user demand for data-based insights and accelerate towards United Nations’ sustainable development goals (SDGs).

The new partnership also focuses on providing the C-suite with true visibility into their company’s historical and real-time environmental, social, and governance (ESG) data. Organisations will track, measure, and act on a range of sustainability initiatives, including reporting on carbon usage, supporting customer engagements, creating positive consumer experiences, meeting regulatory requirements, and developing new business models.

“Every CEO is recognising their responsibilities don’t stop at the edge of the corporate campus or Zoom,” said Marc Benioff, chairman and CEO at Salesforce. 

“By integrating sustainability deep into the fabric of our companies, our businesses will become more successful, our communities more equal, our societies more just and our planet healthier. We’re incredibly proud to be working with Accenture to help customers more readily drive sustainability programs that benefit all stakeholders and create business value.”

Salesforce Sustainability Cloud helps businesses measure and manage their carbon footprint by offering a 360-degree view of their corporate environmental impact. It also helps organisations transparently report their investor-grade climate data. As part of their new collaboration, Accenture will leverage Salesforce’s Sustainability Cloud to develop sustainability insights that can scale across organisations and their ecosystems.

“Climate change continues to be one of the most critical challenges facing business and the broader planet,” adds George Oliver, CEO of Johnson Controls. 

“We are pleased to be working with Salesforce and Accenture in accelerating sustainability activities for JCI, for our customers and our communities, especially as momentum for action continues to grow.”

Later this year, Accenture and Salesforce will work together to expand their combined platform and services to track and analyse broader ESG metrics, from water and waste management to diversity and inclusion.

Cisco has launched four new devices in its Catalyst 8000 Edge series. They include a 5G cellular gateway, two Virtual CPE Edge units, and a heavy-duty aggregation router, all designed to support SD-WAN networking.

The company debuted its Catalyst 8000 family last October, and Cisco expanded the range by launching the Cisco Catalyst 8500L, the latest addition to the Catalyst 8500 Edge family. This is a collection of what Cisco calls aggregated service routers designed with large enterprises and cloud service providers in mind. They’re an evolution of the company’s ASR 1000 series of routers. 

Cisco designed the Catalyst 8500L for SD-WAN use cases, where wide area network (WAN) connectivity is configurable via software. They also support the emerging secure access service edge (SASE) model that Gartner defined in mid-2019. That builds on SD-WAN to offer zero-trust networking capabilities for secure access.

The 8500L is an SD-WAN capable router that offers WAN connectivity at speeds of up to 10 Gbps. Rackable in a 1RU form factor, it runs either at core sites or colocation sites and features twelve x86 cores and up to 64 GB of memory, which Cisco says will support secure connectivity for thousands of remote sites. It also includes Cisco Trust Anchor technology, a tamper-proof trusted platform module that guarantees the hardware is authentic to protect against supply chain attacks.

The Cisco Catalyst 8200 is a 1 Gbps branch office router with eight CPU cores and 8 GB of RAM, which Cisco says doubles the performance over the existing ISR 4300 series. That is helped by a hardware performance acceleration feature called Intel QuickAssist.

Complementing the Catalyst 8200 is the Cisco Catalyst 8200 uCPE, a branch office customer premises equipment (CPE) device with a small physical footprint. It features eight CPU cores and supports up to 500 Mbps aggregate IPsec performance. It can also take pluggable interface modules (PIMs), which are hardware extensions giving it cellular connectivity options.

Speaking of cellular communications, the new Cisco Catalyst Cellular Gateway 5G plugs into a router to offer on-premises cellular connectivity in sub-6GHz bands. The device uses Power over Ethernet (PoE) to relay cellular communications back to the router.

Admins can manage the devices using software, including vManage, licensed under Cisco’s DNA model. vManage has three tiers: 

• DNA Essentials offers core SD-WAN, routing, and security features. 
• DNA Advantage gives subscribers the Essentials package, plus support for advanced routing capabilities including MPLS BGP; better security support with Advanced Malware Protection and SSL proxy features; and access to Cisco’s Cloud OnRamp, which helps with connectivity to multiple cloud service providers.
• DNA Premier adds centralized security management for all locations.