Ecosystm Predicts: The Top 5 Cloud Trends for 2021

5/5 (1)

5/5 (1)

As organisations stride towards digitalisation, re-evaluating their business continuity plans and defining how the Future of Work will look for them, cloud adoption is expected to surge. Almost all technologies being evaluated by organisations today have cloud as their pillar. Cloud will the key enabler for ease of doing business, real-time data access for productivity increase, and process automation.

Ecosystm Advisors Claus Mortensen, Darian Bird and Tim Sheedy present the top 5 Ecosystm predictions for Cloud Trends in 2021. This is a summary of our cloud predictions – the full report (including the implications) is available to download for free on the Ecosystm platform here.

 The Top 5 Cloud Trends for 2021

  1. 2021 Will be All About SaaS

2020 was a breakout year for SaaS providers – and a tough one for a lot of on-premises software vendors. SaaS (or mainly SaaS) providers like Salesforce, Zoom, Microsoft had record growth and some of the best quarters in their history, while other mainly on-premises software providers have had poor quarters. SAP is even accelerating the transition to a 100% cloud-based business as their revenue suffers. The race to deploy SaaS tools and platforms is well and truly happening. Many of the usual ROI models and business cases have been abandoned as the need for agility – to drive business change at pace trumps most other business needs. Ecosystm data validates this

This trend will continue in 2021 – in fact, we expect it to accelerate. Most SaaS solutions (such as CRM, ERP, SCM, HRM etc.) are implemented by less than 30% of businesses today – which means the upside for the SaaS providers is huge.

  1. Hybrid Cloud Will Finally Become Mainstream

The sudden move to remote working in 2020 forced most organisations to increase their use and reliance on cloud-based applications. Employees have relied on collaborative tools such as Zoom, Microsoft Teams and WebEx to conduct virtual meetings, call centre workers had to respond to calls from home – most if not all relying on cloud-based apps and platforms. This trend is set to continue going forward. Ecosystm research finds that 44% of organisations will spend more on cloud-based collaboration tools in the next 6-12 months.

But the forced adoption of these tools has also prompted many – especially larger organisations – to worry about losing control of their IT resources, including worries related to security and compliance, cost, and reliability. As for the latter, both Microsoft Azure and Zoom experienced outages after the pandemic hit and this has made many organisations wary of relying too much on a single public cloud platform. Ecosystm therefore expects a sharp increase in focus on hybrid cloud platforms in 2021 as IT Teams seek to regain control of the apps and services their employees rely the most upon.

  1. Carrier Investment in 5G Will Give Edge Computing a Boost

The gap between the hype around edge computing and the actual capabilities it offers will narrow in 2021 as 5G networks are built out. One of the most promising methods of deploying edge computing involves carriers embedding cloud capacity in their own data centres connected to their 5G networks. This ensures data does not unnecessarily leave the network, reducing latency and preserving bandwidth. This combination of 5G and the Edge will be of particular benefit to applications that until now have faced a trade-off between mobility and connectivity. Over the last twelve months, the major hyperscalers announced their 5G edge computing offerings, and some of the major global telecom providers have served as test cases by partnering with at least one hyperscaler and will likely add more over the next year. Expect this ecosystem to expand greatly in 2021.

Cloud environments can benefit from pushing computing-heavy workloads to the Edge in much the same way as IoT and provides a great platform for managing the edge computing endpoints. The flipside of pushing containers to the Edge will be the increased complexity and the fact that the number of attack surfaces will increase. Containerisation must therefore be deployed with security at its core.

  1. Stateful Applications Will Move to the Cloud with Containers and Orchestration

As organisations seek to migrate workloads and applications between platforms in an increasingly hybrid cloud environment, the need for “lifting and shifting”, refactoring and partitioning applications will increase. These approaches all have their shortcomings, however. Lifting and shifting an application may limit its functionality now or in the future; refactoring may take too long or be too costly; and partitioning is often not feasible or possible. A better approach to this task is to modernise the applications to make use of application containers like Docker, Windows Server Containers, Linux VServer and so on, to enable a faster and more seamless way to migrate applications between platforms. We also see container orchestration environments like Kubernetes and containerised development and deployment platforms like IBM’s Cloud Paks.

How these technologies are used to deploy stateful applications in multicloud environments will evolve. A raft of container management platforms, based on Kubernetes, are being released to simplify what was once a complex DIY process. New entrants will look to challenge the cloud hyperscalers, virtualisation giants, and Kubernetes specialists. The emerging features that previously required cobbling together third-party tools, like service mesh, data fabric, and machine learning, will speed up containerisation of stateful core applications. The deployment of containers on bare metal rather than in virtualised environments will also gather pace. The most challenging task will be delivering containerised applications at the Edge, forcing developers and platform providers to create inventive solutions.

  1. Serverless will take us a step closer to NoOps

As the application lifecycle speeds up and the distinction between development and operations shrinks, the motivation to adopt serverless computing will grow in 2021. While NoOps, the concept that operations could become so automated that it fades into the background, is still a distant goal, serverless computing will make a stride in that direction by abstracting the application from the infrastructure. Having seen the agility benefits of a microservices architecture, many DevOps teams will experiment with breaking services down further into functions. Moreover, the pay-as-you-go model of serverless will appeal to OpEx driven organisations. Expect stories of bill shock, however, as were seen in the early days of cloud adoption. While AWS Lambda is currently considered the serverless industry standard, it is likely that in 2021, Microsoft, Google, and IBM will ramp up efforts in this space. Each of these providers will build out their offering in terms of languages supported, event triggers, consumption plans, machine learning/AI options, observability, and user experience.


Download Ecosystm Predicts: The Top 5 Cloud Trends for 2021

The full findings and implications of The Top 5 Cloud Trends for 2021 are available for download from the Ecosystm platform. Signup for Free to download the report.

New call-to-action
2
A Leaner IBM – What Lies Ahead

5/5 (6)

5/5 (6)

IBM announced its intention to spin off its infrastructure services business as a separate public company, allowing Big Blue to focus on hybrid cloud and AI. The newly formed entity, temporarily named NewCo, will offer project and outsourcing services that currently fall under its GTS business unit. NewCo will have a staff of around 90,000 employees and is expected to earn revenue of about $19B. While GTS has experienced declining revenue for some time now, IBM believes that the split will unlock growth and put it on a path to recovery.

Once the Red Hat acquisition closed last year and the tag team of Jim Whitehurst and Arvind Krishna were announced, it became clear that IBM was gearing up to become a leaner, more agile leader in the hybrid cloud space. One of two possible courses seemed apparent – either wither away for years until IBM was small enough to become nimble, or take bold action. IBM has opted for the latter and is likely to be rewarded for it. The new IBM will have revenue of around $59B, well short of its peak at over $100B, but sacrificing turnover for margin and growth gives it a more positive long-term outlook.

Stripping back IBM to become smaller, faster growing, and more profitable, will help solve many of its greatest challenges. Significant investment into growth segments will become more palatable without the financial burden of the declining infrastructure services unit. The well-needed cultural change and drive to think like a start-up will become more practical in the new IBM.

NewCo to Build New Cloud Partnerships

IBM’s infrastructure services unit has had some great success in larger, complex, hybrid cloud deals recently – but at the lower end of the market there have been many head winds. Public cloud providers have eroded what was once a lucrative compute and storage services market. At the same time, application service providers, like Accenture, TCS, and HCL have been pivoting towards infrastructure. Untethering infrastructure services makes a turnaround story more likely, giving NewCo greater flexibility and speed, which clients have been crying out for.

The greatest benefit to NewCo will be the ability to freely partner with other cloud providers, like AWS, Microsoft, and Google. Although IBM has made noises about being willing to embrace its competitors, this was not necessarily implemented on the ground nor was it reciprocated.

It is no secret that GTS and GBS have had a rocky relationship since day one. The split will reassure clients that each of them is agnostic and relieve any internal pressure to partner unless it is best for the client. While elements of this decision look like the unfolding of a long-term strategy that began under Ginni Rometty, it does, however, leave open the question of why GTS and GBS were more closely integrated over the last few years. This also means IBM is moving in the opposite direction to its competitors, who are shifting towards offerings that cover the full stack of services from infrastructure up to applications.

What Lies Ahead for IBM

One detail that is not immediately certain is the fate of IBM security services, which could be integrated with security software at IBM, spun out with the rest of infrastructure services, or even split into consulting and delivery. An important differentiator for IBM has been its ability to build in security at the beginning of transformation projects making final placement a difficult decision.

It might be tempting to predict that next IBM would couple its Systems unit and Support Services to be spun off or sold although Mr. Krishna ruled that out. Over the long term, these are both financially underperforming units but there is an advantage to building the core infrastructure that critical workloads are run on.

Each new IBM CEO has had a make or break moment and Mr. Krishna has decided that his will come early. For the company to thrive for another 100 years it needed to place a big bet and it could not have come soon enough.


Get your Free Copy

3
Ecosystm VendorSphere: AWS Partner Ecosystem Matures as Hybrid Cloud and Edge Computing Meet

5/5 (5)

5/5 (5)

AWS has been busy this year moving beyond its stronghold of public cloud to bring infrastructure closer to the enterprise and ultimately to where the end user needs computing most. The global availability of AWS Outposts, essentially AWS on prem, the launch of AWS Wavelength, edge computing embedded in 5G networks, and the extension of the AWS Snow Family of edge devices, have all combined to create a compelling hybrid cloud story. This evolution in AWS’ strategy has required a maturing of its partner ecosystem, building alliances with telcos, co-location providers, and integrators that are all still trying to cement their roles in the hybrid cloud space.

Outposts: The AWS Vision of Hybrid Could

Outposts launched late last year with availability extended to many mature countries in January 2020, in addition to India, Malaysia, New Zealand, Taiwan, Thailand, Israel, Brazil, and Mexico in June. The plug and play system delivers AWS compute and storage from the organisation’s own data centre with a rack that requires only power and network access. The system is managed with the same tools and APIs used in public AWS regions, providing a single hybrid cloud management console. Outposts is targeted primarily at the enterprise space, with the cheapest development and testing units coming in at $7-8k monthly or around $250-280k upfront, depending on the country. Other higher-end configurations include general purpose, compute optimised, graphics optimised, memory optimised, and storage optimised. Monthly installments attract a 10-15% premium over upfront payments.

The launch of hybrid cloud solutions by the major cloud providers and containerised services that allow workloads to be deployed in public and private environments will ensure enterprises are willing to continue their cloud journeys. Security concerns and data residency regulations have prevented many organisations from shifting sensitive workloads to the cloud. Moreover, as industries launch new customer-facing digital services or transform their manufacturing systems, latency will become a concern for some workloads. Hybrid cloud addresses each of these issues by employing either public or private resources depending on the data, location, or capacity needs.

AWS Outposts has two variants, namely Native AWS and VMware Cloud on AWS. Organisations already heavily invested in the AWS ecosystem will likely choose Native AWS and use Outposts as a means of migrating further workloads that require an on-prem environment over to a hybrid cloud environment. More traditional organisations, such as banks, may select the VMware Cloud on AWS variant as a means of retaining the same operational experience that they are accustomed to in their existing VMware environments today.

AWS will rely heavily on its network of enterprise partners for sales, management, and maintenance services for Outposts. AWS partners like Accenture, HCL, TCS, Deloitte, DXC, NTT Data, and Rackspace have all shifted in recent years to deliver the full stack from infrastructure to application services and now have a ready-made hybrid cloud platform to migrate on to. AWS is also in the process of recruiting co-location partners to serve Outposts from third-party data centres, providing another option that enterprises are familiar with. This will likely come as welcomed news for co-location providers that have been fighting uphill against AWS.

Wavelength: Embedding Cloud in 5G Networks

Another major announcement in AWS’s drive towards hybrid cloud and edge computing was the general availability of Wavelength in August. This service embeds AWS into the data centres of 5G network operators to reduce latency and bandwidth transmission. Data for applications residing in Wavelength Zones is not required to leave the 5G network. AWS is looking to attract mobile operators, who previously might have viewed it as a competitor while the public cloud space was more fragmented and open to telcos. These partnerships are another example of AWS expanding its ecosystem. Current Wavelength partners are Verizon, Vodafone Business, KDDI, and SK Telecom. With their own take on edge services, Microsoft has signed up the likes of Telstra and NTT Communications, while Google has enlisted AT&T and Telefónica. Edge computing in 5G networks will be the next battleground for cloud supremacy.

On a smaller scale, AWS has released new additions to its Snow Family of edge computing devices. AWS Snowcone is a compact, rugged computing device designed to process data on the network edge where cloud services may be insufficient. The processed data can then be uploaded to the cloud either through a network connection or by physically shipping the device to AWS. The convergence of IT and OT will drive the need for these edge devices in remote locations, such as mines and farms and in mobile environments for the healthcare and transportation industries.

Competitive Strategies

Openness will become a critical difference between how cloud platform providers approach hybrid cloud and edge computing. While AWS is certainly extending its ecosystem to include partners that it previously would have viewed as rivals, as the dominant player, it will be less compelled to open up to its largest competitors. If it can control the full system from ultraportable device, to $1M server rack, to cloud management console, it can potentially deliver a better experience for clients. Conversely, the likes of Microsoft, Google, and IBM, all need to be willing to provide whichever service the client desires, whether that is an end-to-end solution, management of a competitor’s cloud service, or an OEM’s hardware.


This report aims to give you an overview of the cloud landscape in Asia Pacific
Get your Free Copy
For more information on “Ecosystm Cloud Study: Market Demand and Competitive Insights “, report please contact us at info@ecosystm360.com

2
Nutanix Strengthens Hybrid Offering with Microsoft Partnership

5/5 (1)

5/5 (1)

Nutanix has emerged as a leading hyper converged infrastructure (HCI) provider and is partnering with public cloud infrastructure providers to bring greater value to its customers. Last week saw the partnership between Microsoft and Nutanix, aimed to evolve the hybrid offerings of both providers. As part of this collaboration, both companies will focus on extending Nutanix hybrid cloud infrastructure to Azure. The collaboration will include the development of Nutanix-ready nodes on Azure to support Nutanix Clusters and services. The benefits expected include improved cost, security, and efficiency. Clients will also be able to deploy Azure instances from Nutanix interface for a consistent experience across their cloud environment. The solution is aimed to eliminate re-tooling, re-architecting processes and other technical challenges of maintaining a hybrid environment.

Ecosystm Principal Advisor, Darian Bird says, “The announcement of Nutanix Clusters on Azure is another piece of the hybrid puzzle that will allow Nutanix clients to extend their private cloud environments into public infrastructure. Organisations want the control associated with a private cloud but with the flexibility to scale up and down in the public cloud. Key to hybrid cloud is an additional layer that enables applications to be shifted from one cloud to another, either to prevent lock-in or to choose the best environment depending on the circumstances.”

The deal will also broaden the sales and support experience for Microsoft and Nutanix. “Nutanix has emphasised licence portability as a key characteristic of its hybrid cloud strategy. Microsoft clients will be able to use Azure credits to pay for Nutanix software, while those already with Nutanix licences will be able to port those over to Clusters on Azure. Simplified cloud procurement will be critical for IT departments looking to optimise cloud expenditure across multiple providers.”

Bird adds, “Organisations will now be able to manage servers, containers, and data services on Nutanix HCI, on prem or in the cloud through a single control pane with Azure Arc. Microsoft has realised that producing a true hybrid cloud system requires it to manage as many types of infrastructure as possible, whether they come from niche partners or major competitors. IT departments want the choice of supplier without adding complexity to their systems.”

Nutanix Strengthening its Partner Ecosystem

“The partnership with Microsoft Azure comes only a month after Nutanix announced the general availability of Clusters on AWS. Considering Nutanix’s close connection to Google, it seems likely that it will also launch on the search giant’s cloud before long,” says Bird.

Last year, Nutanix partnered with HPE for the general availability of HPE’s integrated hybrid cloud as a service offering, HPE GreenLake for Nutanix, and the HPE ProLiant DX solution.

Earlier in the month, Nutanix launched its global partner multi-cloud program – Elevate – to bring Nutanix’s global partner ecosystem under one integrated architecture managed through consistent tools, resources and platforms, to accelerate their clients’ multi-product, multicloud roadmap in their transformation journeys.

“Nutanix has made great strides in its shift from hardware vendor to HCI provider and it’s now focused on delivering tools that enable the shift to cloud. These recent moves will help Nutanix catch up to VMware and become a viable alternative in a hybrid cloud environment,” says Bird.


Identifying emerging cloud computing trends can help you drive digital business decision making, vendor and technology platform selection and investment strategies.Gain access to more insights from the Ecosystm Cloud Study.
Ecosystm Cloud Insights

2
Telefonica & AWS Partnership – The End of the Beginning for Private Cloud

5/5 (5)

5/5 (5)

Earlier this month, Telefónica Germany announced it will use Amazon Web Services (AWS) to virtualise its 5G core for a proof of concept (POC) in an industrial use case and plans to move to commercial deployment in 2021. Part of the POC process is to ensure compliance with all applicable data protection guidelines and certifying them according to relevant industry standards.

“With the virtualisation of our 5G core network, we are laying the foundation for the digital transformation of the German economy. This collaboration with AWS is an important part of our strategy for building industrial 5G networks”, said Markus Haas, CEO of Telefónica Germany.

Sentiment about cloud – especially public cloud – has been on a slight roller-coaster ride since they emerged back in the “noughties”: From initial reluctance to reluctant acceptance – to  customer driven enthusiasm to scaling back and migrating back data and apps to on-premises data centres or private clouds to a more recent acceptance, that most enterprise resources may work best in a hybrid or public cloud environment.

Still, the viewpoint of many is still that core resources for the most part belong on-premises – especially if they are essential for the running of the business or involves sensitive data.

It is in this light that the Telefónica Germany announcement is interesting. On the face of it, it may appear that this is a possible major validation of public cloud as a platform for core systems and sensitive data. Although the core network components will remain on a different platform delivered by Ericsson, there is clearly an element of that.

Perception on Public Cloud

Many organisations remain sceptical with regards to public cloud. Ecosystm data shows that almost 40% have private cloud as their primary cloud deployment model (Figure 1); roughly a third have gone for a hybrid model and only around one quarter have chosen a public cloud model.

Primary Cloud Deployment Model

Most cloud deployment strategies ultimately come down to an evaluation of cost vs. risk and this evaluation is clearly demonstrated in Ecosystm data. Close to 80% of those choosing an on-premises private cloud model mention security and compliance as a main reason whereas cost considerations are the main reason for those opting for a public cloud model (Figure 2). What our data also shows is that public cloud providers are not necessarily winning the argument of cost savings among users.

Reasons for Choosing Deployment Model

For many organisations today, security and compliance concerns are still a valid point against public cloud as a primary deployment model. However, as we see more and more initiatives like Telefónica Germany, this argument diminishes – and it will become harder for IT organisations to convince senior management that this is still the way to go.

The Edge Complements the Cloud

The other noteworthy take-away from the Telefónica Germany initiative is how cloud-enabled edge computing is being embraced by the network design to ensure lower latencies for those who need it. The company states, “If companies use 5G network functions based on the cloud-based 5G core network of Telefónica Germany / O2 in the future, they will no longer need a physical core network infrastructure at their logistics and production sites, for example, but only a 5G radio network (RAN) with corresponding antennas.”

As I’m sure that you are an avid reader of Ecosystm Predicts every year, this should not come as a surprise as we wrote about something like this in the Top 5 Cloud Trends for 2020. Although some are touting Edge computing as the ultimate replacement of Cloud, we then believed – and still do – that it will be complimentary rather than competing technology. Cloud-based setups can benefit from pushing computing heavy workloads to the Edge in much the same way as IoT and provides a great platform for managing the Edge computing endpoints.

But to go back to the private cloud bit – while private cloud is not going away in the foreseeable future, we may be starting to see its demise in the more distant future.

To paraphrase a famous Brit: Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning for private cloud.


Identifying emerging cloud computing trends can help you drive digital business decision making, vendor and technology platform selection and investment strategies.Gain access to more insights from the Ecosystm Cloud Study.

Ecosystm Cloud Insights

3
Alibaba Expands Global Reach with Equinix

5/5 (1)

5/5 (1) Alibaba has been actively expanding its global reach over the last year. There have been several announcements this year to indicate that the cloud provider is looking to benefit from the recent uptick in cloud adoption and support the global recovery initiatives. In April, Alibaba announced its plans to invest USD 28 billion, focusing on infrastructure and technologies related to operating systems, servers, chips and networks, over the next three years. Later in June, Alibaba announced the intention to recruit 5,000 people globally showing serious intentions to become a global cloud player.  It is also strengthening capabilities in markets where they already have a strong market presence. By 2021 Alibaba intends to have 64 availability zones with 21 regions across the globe.

Consolidating Partnership with Equinix

Alibaba’s partnership with Equinix, the interconnection and data centre company dates back a few years. In 2017 the partnership started providing enterprises with direct, scalable access to Alibaba Cloud via the Equinix Cloud Exchange in 5 of their global data centres.

Last week the partnership was further strengthened by Equinix extending the reach of Alibaba Cloud via its network of Equinix Cloud Exchange Fabric (ECX Fabric) Cloud interconnection platform. The deal will widen Alibaba’s cloud reach in the US, EMEA, and the Asia Pacific region for customers to privately connect with Alibaba’s cloud. Under the partnership, Alibaba will integrate its API with Equinix ECX Fabric to facilitate direct and secured connections to Alibaba Cloud, across these regions:

  • 9 US metros. Chicago, Dallas, Denver, Los Angeles, Miami, New York, Seattle, Silicon Valley and Washington DC
  • 5 Asia Pacific hubs. Hong Kong, Jakarta, Singapore, Sydney and Tokyo
  • 3 hubs in EMEA. Dubai, Frankfurt and London

The deal also gives Alibaba direct access to Equinix’s interconnected ecosystem of over 9,700 customers including enterprises, cloud and network operators, and IT service providers.

The Hybrid Cloud Push

In the last 18 months or so, the industry has seen a greater push in private/hybrid cloud or multi-cloud adoption.  Ecosystm Principal Advisor Andrew Milroy says, “As enterprises move to hybrid cloud infrastructures, the world’s leading IaaS providers, including Alibaba Cloud, are expanding their private cloud and hybrid cloud services.”

Many of these IaaS providers may not have the capabilities to provide a hybrid cloud offering at a global level. Partnerships such as the one between Equinix and Alibaba Cloud may well be the solution. Milroy says, “Equinix offers interconnection services from multiple sites across the globe. These interconnection services are necessary for the provision of private and hybrid cloud services, on a global scale, offering the level of performance and security that organisations want.”

“In order to compete with AWS, GCP and Microsoft, Alibaba Cloud needs to be able to scale its private and hybrid cloud offerings globally. Equinix can enable them to do this. At the same time, Equinix will also benefit from Alibaba Cloud’s growth into newer markets, which will lead to an increased demand for its interconnection services.”

 

1
The Cybercrime Pandemic

5/5 (2)

5/5 (2) Organisations across the globe, are facing disruption on a scale never seen before, and are urgently seeking ways of remaining viable. Predictably, cybersecurity is a secondary concern and is often handled reactively. To make matters worse, a chronic cybersecurity skills shortage is being made much more severe by the crisis.

Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cyber criminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly. Containing and suppressing this cybercrime pandemic is proving to be almost impossible.

Remote working intensifies known threats posed by phishing and ransomware. More alarming are the distinctive cybersecurity vulnerabilities associated with home working including reliance on home Wi-Fi, increased use of unpatched VPNs and devices, and the exponential growth of network access points. These vulnerabilities increase the likelihood of a breach enormously.

Corporate IT is in a very challenging position. It needs to ensure that organisations can operate in a way that they have never operated before, while ensuring that their assets are secure – a very difficult, if not an impossible task for which there is no precedent.

Some important cybersecurity considerations, during and after the COVID-19 pandemic include:

Re-enforce Basic Cyber Hygiene

As massive numbers of people work from home, basic cyber hygiene becomes more critical than ever before. Organisations must maintain awareness of security threats among employees, ensure security policies are being followed and be certain that corporate software is being updated and patched on time. With a dispersed workforce, these basic practices are more challenging, and training becomes more critical. Phishing attacks are often the primary attack vector for malicious actors, so employees must be able to identify these attacks. They increasingly exploit shortages of goods such as protective equipment and sometimes claim to offer official information relating to COVID-19.

Remote employees often access sensitive business data through home Wi-Fi networks that will not have the same security controls – such as firewalls – that are used in offices. There is more connectivity from remote locations, which requires greater focus on data privacy, and hunting for intrusions from a much larger number of entry points.

Place More Focus on Endpoint Security

The unprecedented switch to remote working is radically increasing the number of vulnerable endpoints. Given that endpoints are located at a distance from corporate premises, it is frequently difficult for IT departments to configure endpoint systems and install necessary security software.

It is vital to assess the security posture of all endpoints connecting to the corporate network. This practice enables an organisation to determine whether or not an endpoint requesting to access internal resources meets security policy requirements. It requires the ability to monitor and enforce policy across all devices, while making onboarding and offboarding seamless.

It is essential that endpoint solutions can be rapidly deployed for remote workers, as needed on both personal and corporate devices. Devices used for remote work need much more than the basic antivirus and antispyware protection. Multi-factor authentication (MFA) and on-board endpoint detection and response (EDR) capabilities are crucial.

Be More Selective About How and When Video Conferencing and Collaboration Platforms are Used

Since lockdowns spread around the world, the use of video conferencing and collaboration tools has grown beyond the wildest expectations of suppliers of these tools. The extraordinary growth of Zoom has made it a target for attackers. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and gives the ability for trolls to ‘Zoombomb’ open and unprotected meetings. Zoom has so far managed to augment its security features in part by its recent acquisition of Keybase, a secure messaging service.

Switching to an alternative video conferencing platform will not necessarily offer greater levels of security as privacy is typically not a strength of any collaboration platform. Collaboration platforms tend to tread a fine line between a great experience and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.

Protect all Cloud Workloads

In today’s remote working paradigm, cloud computing is being used more than ever. This frequently exposes organisations to risks that are not adequately mitigated.

Organisations typically need to manage a mix of on-premises technology together with multiple clouds, which are often poorly integrated.  These complexities are compounded by the increasing risk from cyberattacks associated with cloud migration and hybrid cloud implementations. In cloud environments, the leading cybersecurity risks include insecure interfaces and APIs, data breaches and data loss, unauthorised access, DDoS attacks, and a lack of a unified view of assets.

Protection requirements for securing hybrid multicloud environments are evolving rapidly. In addition to tightening up endpoint security, organisations must also place greater emphasis on cloud workload protection. Cloud security solutions need to offer a unified and consistent view across all physical machines, virtual machines, serverless workloads and containers, used by an organisation.

Amend Incident Response Plans

It is the containment of breaches that often determines the success of security policies and procedures. Basic cyber hygiene as well as changes to IT architecture, such as micro segmentation, play an essential role in breach containment. But incident response plans also need to be made relevant to the current pandemic scenario.

Employees and IT teams are now working in a completely different environment than envisaged by most incident response plans. Existing plans may now be obsolete. At the very least, they will need to be modified. Usually, incident response plans are designed to respond to threats when most employees are operating in a corporate environment. This clearly needs to change. Employees need to be trained in the updated plan and know how to reach support if they believe that a security breach has occurred in their remote location.

Critically, new alert and warning systems need to be established, which can be used by employees to warn of threats as well as to receive information on threats and best practices.

 

Organisations are struggling to keep the lights on. In this battle to remain operational, cybersecurity has been taking a back seat. This cannot last for long as the deluge of new vulnerabilities is creating easy pickings for attackers. Cyber hygiene, endpoint security, cloud security, security policies and incident response plans must be continually reviewed.


This blog is based on Andrew Milroy’s recent report titled “Cybersecurity in the COVID-19 Era”.
Click here to download the full report ?

Download Report


1
Ecosystm Snapshot: Oracle Continues to Expand Global Cloud Footprint

4.5/5 (2)

4.5/5 (2) In the Top 5 Cloud Trends for 2020, Principal Analyst Claus Mortensen observed that 2020 is a do-or-die year for Oracle if they wanted to remain as a key contender in the Cloud market. Mortensen said, “Oracle has not been able to break into Cloud in the same way as their competitors and has so far not made the same “leap of faith” into this area as similar companies have. Unless the company makes a clear decision about their Cloud strategy and succeeds in communicating it to the market in 2020, Oracle may quickly find itself more of a niche Cloud player going forward.”

Oracle’s intentions to remain one of the leading global Cloud providers becomes clear as they actively expand their global coverage. Last week Oracle announced that, as part of their ongoing regional expansion plan, they have added local regions in Jeddah (Saudi Arabia), Melbourne (Australia), Osaka (Japan), Montreal (Canada) and Amsterdam (The Netherlands). This expands the reach of Oracle’s Generation 2 Cloud to 21 independent locations, and Oracle intends to further add 15 locations by the end of 2020. At OpenWorld last year, Oracle had announced their plans to have Cloud sites dedicated to the enterprise market as well as government customers.

Dr Alea Fairchild, Principal Advisor Ecosystm, thinks that Oracle appreciates the needs of their enterprise customers. “Oracle understands the sensitivity of the enterprise to the location and availability of their data, which remains an issue with Cloud implementations involving large data sets. They have broken some ground as the first public Cloud vendor with data centres in Saudi Arabia, and are putting efforts in to offer a minimum of two regions in almost every country in which they operate,” says Dr Fairchild. “From a corporate user’s perspective, regional data management and appropriate licensing models are still sensitive spots when it comes to database management.”

Getting Ready for the Hybrid Cloud Market

Oracle also appears to be ramping up for the growing hybrid Cloud market. Ecosystm research shows that more than a third of global organisations have adopted the hybrid Cloud and this will only increase. Given the increased uptake of hybrid and multi-cloud environments, Oracle offers preconfigured links between Oracle and Microsoft Azure cloud regions in the eastern states of the US, London, and Toronto, as part of the Cloud interoperability partnership announced in June 2019. Last year, saw another mutually beneficial partnership between VMWare and Oracle, that supports their customers’ hybrid cloud strategies, allowing the VMware Cloud Foundation to run on Oracle Cloud Infrastructure. Organisations can also avail technical support for Oracle software running in VMware environments both in on-premise data centres and Oracle-certified cloud environments.

“Oracle’s Generation 2 Cloud is now available in 21 locations and is on track to have a total of 36 Cloud regions up and running by the end of the year,” adds Dr Fairchild.  “But when compared to AWS, Microsoft and IBM, Oracle still holds a fraction of the market share.  They can be seen as a niche infrastructure provider, but indeed the partnerships with Microsoft and VMware are set to help Oracle’s Cloud business make traction with companies that are adopting multi-cloud strategies.”

2
Ecosystm Snapshot: IBM & HCL Join Hands to Gear up Hybrid Cloud

5/5 (6)

5/5 (6) IBM is aggressively pushing their products and services with multiple partnerships being announced over the last few months.

In the recent announcement, HCL Technologies and IBM stated that they were collaborating to assist organisations on their hybrid cloud journey. The joint services will offer seamless integration of their customers’ cloud across any private, public and on-premise environment. The hybrid cloud approach is aimed at eliminating the concerns of mixing the different cloud environments yet maintaining scalability and security. HCL will feature new refactoring and re-platforming services to allow organisations to migrate, integrate and manage apps and workloads on IBM’s cloud.

Speaking on the subject, Phil Hassey, Principal Advisor ,Ecosystm, thinks that “the most attractive aspect of this collaboration is that it will bring together the best of both vendors. IBM has such a long history in Infrastructure Management, whereas HCL has – most particularly in the past 5 years or so – built up capability in the space.”

The good news for tech buyers is that they will derive benefits from HCL’s customer knowledge and hands-on approach with the combination of IBM technology, cloud and – of course – Watson. HCL has acquired significant IBM assets that they could extract more value from. The infusion of AI into hybrid cloud will lead to increased automation, improved outcomes and effective investments by clients.

When we look at the individual benefits to IBM and HCL from this deal, Hassey says, “IBM needs new customer logos and HCL can provide that. Conversely, IBM can provide larger enterprise clients to HCL. However, it is not a straight customer swap, they will work to maintain relationships independently.”

IBM is pushing hard towards their plans to capture more market with many big deals announced recently – and undoubtedly many more yet to happen. It is well-documented that IBM has gone through many reinventions but is still deeply entrenched in many of the world’s largest organisations. “IBM is such a large machine that different aspects and offerings are always operating at different speeds”, says Phil. “It needs to accelerate the uptake of Watson, and Watson being available on any cloud will help this.”

The hybrid cloud is desperately looking for big scale integration and transformation capabilities, so this agreement between HCL and IBM will hopefully help kickstart that.

2