koththamalli epa | information technology consulting






Brexit – In times of uncertainty, Opex rules


The future of the united kingdom and its finances is undeniably uncertain within the wake of Brexit. With a news landscape that changes daily, making decisions regarding the technology spend within an organisation is one among the CIO’s biggest challenges. during this unpredictable climate, it's only natural that each business are going to be hesitant to spend a penny quite it absolutely has got to .

In recent years CIOs have pursued the opportunities presented by cloud service providers, offering ‘flex-up, flex-down’ rental models for hosting & storage. not did CIOs got to invest their capital. Investments that demanded a clinical specialise in sweating assets over a 3 to five year term to deliver the acceptable ROI. Now, rapid deployment and short term consumption are all made possible under the ‘cloud based’ operating model.

Today, despite the present market’s volatility and reluctance to spend on anything with a mid to future return, businesses simply cannot afford to ignore their IT requirements or they're going to risk falling behind. Using outdated technology results in a competitive disadvantage and real risk of failing to work at full business potential. Furthermore, when and/or if the economic uncertainty settles, they're going to potentially need to undertake an outsized financial outlay to urge up to hurry . the great news is there are ways to remain before the curve and efficiently manage financial IT investment.

Historically, during the macro economic landscape within the eighties, many businesses moved from large scale enterprise to more flexible financing models and therefore the current uncertainty will see this example occurring again. Businesses need scalability and adaptability , and therefore the Opex “pay as you go” model offers flexibility consistent with market demands. To preserve of the hosting & storage function, smart providers are now offering to de-risk investment in core infrastructure and therefore the end-user estate. quite simply a leasing model for hardware (which still demands a term commitment or face a cancellation penalty), the choice to rent the complete end-user or core infrastructure bundle is now a rare but realistic option. And critically the provider assumes the danger of the business de-aggregating or shrinking; stop using, stop paying.

So for several , committing to a one-time cost – a Capex model – and a multi-year depreciation schedule just isn’t cost-effective, desirable or dynamic enough within thecurrent climate.

Businesses that move from Capex investments to an Opex model can enjoy greater flexibility and diminished risk; with IT spend closely linked to the ebbs and flows of business demand and economic process . Opex allows companies to interact the resources and expertise of managed services, including cloud hosting, experts while eliminating the necessity for capital investment on technology project; replacing up-front cost with pay-as-you-go operational spending and therefore the opportunity for increased agility.

For those struggling from the CFO who is of course concerned that historic investments, which still have value to be managed, the transition to a predominantly Opex model doesn’t need to happen in one migration. Blended models that make use of current investments in technology, including historic contracts with sub-contractors, are often built into a service delivery model that evolves over time. Refreshing Capex financed assets with Opex leased equipment when the technology ceases to be fit purpose or when the value is fully written down. Integration happens both at the technology and commercial levels; but once migrated the pliability and diminished risk become tangible benefits.

And to any ‘late adopters’ of the cloud model, Opex presents an excellent opportunity for organisations that were uncertain before, but now wish to check the water – by investing in rental, hybrid models – and only paying for the info or services used, with any peaks in demand covered using contractor resources. And thankfully the CIO can adopt when new investment become a necessity whilst sweating the prevailing investments during a fully hybrid model – there’s no material outlay to adoption.

Employing an Opex model also will potentially accelerate further adoption of cloud technology in business, as organisations still build trust within the cloud ecosystem.


Why the united kingdom needs its own privacy-focused program 


Most folks would agree that privacy is vital . Without it, our ideas and actions are exposed to the planet without our consent – something that even the foremost open of people would surely accept isn't without its issues. Privacy isn't about hiding criminality , but about having the ability to settle on what we keep to ourselves and what we share.

Unfortunately, maintaining our privacy is becoming increasingly difficult and within the digital age even something as seemingly benign as employing a program comes at an unexpected cost. With personalised advertising providing such a lucrative market, program providers are harvesting personal information on an unprecedented scale. Sharing our personal data, including our age, location, likes and dislikes, is that the modern cost of using the web .


Protecting UK privacy

Although there are privacy-focused search engines available, like DuckDuckGo within the US, Oscobo is that the first to focus on the united kingdom market. this is often important as location can play an important role in providing relevant results. By employing a UK-based privacy program , users can receive results that are targeted to a UK audience, but without the program having to reap individual location data. Of course, if users plan to add further location details into their search string, like “Places to dine in Manchester,” for instance , they will still receive more precise results.

There also are variety of other reasons why the united kingdom was evidently ready for its own privacy-focused program . Although the foremost prominent surveillance headlines of recent years have surfaced within the US, namely those involving Edward Snowden and therefore the NSA, the united kingdom has some significant privacy controversies of its own.

The ongoing debate surrounding the Investigatory Powers Bill, currently being scrutinised in Parliament, suggests that online privacy is a crucial issue here within the UK. additionally , the more that users understand about the sort and quantity of data being collected by Google and similar sites will likely cause more privacy concerns.

Already, the privacy-search market is showing promising growth, outstripping that of the search market as an entire . All of this points to the very fact that there's a receptive audience within the UK ready for a privacy-focused program .

In the future, however, there are plans for Oscobo to expand into other European markets. Although privacy could also be a universal right, each market has its own particular concerns, which is why we believe that the united kingdom and other nations deserve a reliable, secure and surveillance-free program all of their own.


The Facebook Internet


Facebook has over 1.71 billion monthly active users* – quite the population of the worlds largest country and it's continuing to grow daily. 1.57 billion* of those users access the location from a mobile device and Facebook are responding to the present by rolling out new features on their Facebook and Messenger app whilst the desktop site remains relatively unchanged. With more features and content being added to the app regularly, a closed ecosystem is developing and users can access almost anything they have without the necessity to go away . Facebook doesn’t just want to have the Internet; Facebook wants to be it.

The reason this is often working is right down to the unparalleled popularity of Facebook as a social media site. With a monopoly on users, Facebook can chase away competition from other services just by being something that folks are already on board with. Take the introduction of Facebook Live for instance . Live video streaming has been popular for sometime with apps like Periscope, but now that an equivalent service is out there on Facebook, why go anywhere else? there's no got to download a replacement app or persuade friends to check in and users now have one more reason to travel on Facebook. Similarly, Facebook games, Instant Articles and video integration have increased users’ app ‘dwell time’. By delivering content users want to ascertain supported their own likes and therefore the opinions of their friends, the experience of playing, watching or reading is enhanced on Facebook and users are far more likely to interact .

One of the foremost interesting features Facebook has introduced to its app to extend time spent on the location is one which may have passed users by. The Facebook browser may be a stripped-down web-view window that permits users to remain within the Facebook site when opening external links (links that might previously have meant navigating away). By opening links on Facebook, the in-app browser shares information back to the location whilst the user features a normal web view experience. Although it's still basic, the Facebook browser allows users to bookmark pages, navigate back and forth, and displays the sentiment of other Facebook users during a response bar at rock bottom . most significantly , loading is fast and completely seamless between the app and browser making it highly unlikely users will prefer to view this content elsewhere.

So what does Facebook gain from this move towards providing users with a closed ecosystem? The short answer is data. By adding more features and thus increasing users’ ‘dwell time’, Facebook aren't only increasing the quantity of your time a user are often shown ads, but also gathering more information on the sorts of ads they need to ascertain . With the in-app browser, Facebook learns what websites a user has visited, and for those taking the time to comment or react, exactly how they feel about the content delivered. Put this information along side information on the games they wish to play and therefore the articles they wish to read, and therefore the personal and social information already shared on their profile and Facebook have an upscale and sophisticated insight into the sentiment and personality of every individual user. This information are often wont to create content that keeps users hooked and is shared with advertisers to deliver highly tailored, relevant advertising that appeals to the user without them feeling like their online space has been invaded. Ultimately click rate and sales are increased and therefore the value of Facebook’s advertising space is raised.

Facebook is changing the way we use the web and by adding more features to its ecosystem, users are getting independent on the location with less reasons to go away and fewer decisions to form , sharing their habits, tastes and opinions with the Facebook just by interacting. subsequent logical step for the corporate would appear to be the event of a full Facebook browser. this is able to not only give users more reason to go straight to Facebook once they go browsing , but also keeping them off major competitor sites like Google. Improving the limited functionality of its existing in-app browser by adding the choice to type URLs and tab support would be a game changer and convey Facebook one step closer to its goal, meaning that logging on really does become synonymous with happening Facebook.

Currently, the general public sector IT community faces an environment where the sole certainty is uncertainty. This predicament is right down to the Brexit vote. it's becoming harder to entice stressed and distracted ministers to believe much else within the wake of state being reshaped to consult and deliver a replacement role for the united kingdom within the world.

No-one knows which form Brexit will take, and there are many possibilities, so its impact on the broader public sector within the four nations of the united kingdom is tough to pin down. meaning government policy on everything from borders to farm payments might be up within the air for years – Brexit complicates life for state CTOs and CDOs. Digital and technology projects linked to policy will need to await a clearer picture.

However, there also are reasons to be cheerful. instead of expecting the plow ahead on projects which will never materialise, CTOs should take the chance to repair their underlying IT infrastructures. With flexible, low cost infrastructure and skilled development teams in situ , technologists are often agile when the time comes for them to implement new government policies and build new services. now's the time for cloud.


Making healthy gains

Ex-Minister Francis Maude set the tone for Cloud when he announced the ‘Cloud First’ policy for central government in 2013, making it clear that Cloud is during a ll|one amongst|one in every of"> one among the few bright spots in a static public sector IT market. Cloud services, including SaaS, PaaS and IaaS, only accounted for around two per cent of overall public sector IT spend at that point , but has been growing at a really healthy 45 percent per annum since.

‘Cloud First’ was characterised as a policy that might essentially drag the unwilling adopters of state IT into the 21st century. However, this was deemed to be unfair; public sector IT professionals have long ago understood the potential benefits of cloud and ‘as-a-service’ delivery models.

G-Cloud has been a superb vehicle for those early cloud projects: not just commodity IaaS, but also SaaS tools supporting new collaborative ways of working. It offers buyers a simplified, quick route to access a good range of suppliers, especially SMEs who are often exclude of the general public sector market. on the average , the general public sector is now spending over £50m per month via G-Cloud (although some 80 per cent of that has been for professional services, instead of SaaS, PaaS and IaaS).

Where there’s hope, there’s hype
The next wave – call it public sector cloud 2.0 – is being driven by the transformation of existing services, instead of fresh projects.cloud technology companies
 Opportunities are going to be opened as legacy IT outsourcing contracts come to an end, and organisations look to shift workloads to the cloud.

Kable analysis of G-Cloud sales data – supported by anecdotal evidence from suppliers – suggests that sales growth has reached a plateau. Public sector cloud remains in its infancy and has huge growth potential, but much of the low-hanging fruit has gone.

As my colleague Gary Barnett has argued, people sometimes mention cloud as if it had magical, unicorn-like properties. And herein lies the difficulty . The ins-and-outs of the truth of cloud migration is ignored and buyer enthusiasm isn't always protected by expertise. We see evidence of this in cloud-hosted government digital services apparently not architected for cloud potentially crashing under completely predictable demand spikes, for instance , DVLA’s digital tax disc registration, and GDS’s Register to Vote service, for instance .

Making a hit of cloud isn't about swapping out expensive infrastructure for reasonable public infrastructure, and it’s not about G-Cloud. It’s about enterprise architecture; data quality projects; new deployment processes, governance models, security policies and repair management. It’s about hybrid cloud and cloud orchestration. It’s anything but simple.

Here comes Cloud 2.0
The competitive landscape is additionally changing. As requirements evolve, variety of UK-based SMEs have succeeded on the rear of a public sector preference for UK data centres. Life will unfortunately become tougher for them as public cloud giants Microsoft and AWS open UK data centres this year. Systems integrators, including IBM, CSC et al. , can additionally provide hybrid cloud services on an outsized scale.

In the wake of Brexit, smaller players could find yourself counting on client fears about data sovereignty to stay them in business. However, it might be preferable for suppliers to supply a positive vision to the general public sector, not just a negative one.

Tackling the barriers to cloud adoption should be the most priority, using services like data governance frameworks, security audits and migration programme management. SMEs also got to start getting over the G-Cloud hype. Some suppliers have learnt the hard way that Digital Marketplace is not any substitute for sales and marketing – this is often becoming even more apparent as buyer needs become more complex and fewer suited to G-Cloud. Those suppliers that wish to stay within the commodity space will need partners which will bring them into clients’ hybrid environments.

Above all, suppliers should be helping clients to create their own expertise and knowledge, in order that the united kingdom government can become the well-informed customer for cloud services that it aspires to be. And, perhaps, to urge its infrastructure into shape for the day when politicians and therefore the public finally decide just what Brexit means for the longer term .

Are your employees putting your cloud data at risk?

Ransomware has spent quite little bit of time within the spotlight as a serious culprit of knowledge breaches. there's however, another threat that while not as sensational as ransomware, are often even as risky. That threat is people. Of all the info breaches reported within the UK during Q1 2016, ICO data reveals that 62 percent were caused by human error. In fact, ransomware wouldn’t be as prevalent because it is that if it weren’t for people like you and me making blunders such as accessing insecure sites , downloading infected software or clicking a phishing link in an email.
Unfortunately, the value of human mistakes is larger than one might think. consistent with research by the University of Portsmouth, fraud and human error are costing UK organisations around £98.6 billion a year. the particular number is even larger, because the reported figure doesn’t include undiscovered or unreported incidents.
While some might think that storing data within the cloud keeps it from being susceptible to ransomware, they’re wrong. Ransomware can encrypt files on hardware and cloud services alike.

When educating your employees, specialise in the subsequent principles to assist ensure your staff follow cybersecurity best practices.
Handle data with care.
The majority of incidents due to human error are related to sheer carelessness or lack of data about the way to properly handle data. to stop unauthorised access to data, employees should consider who else could be ready to view the knowledge they store within the cloud. they ought to avoid storing sensitive data on a shared drive or cloud network that’s accessible by people that aren’t authorised to access the info being uploaded. Any sensitive data files should be encrypted, no matter where they’re stored.
Quickly identify phishing emails.
[easy-tweet tweet=”Teach employees to seem for these common characteristics of phishing emails” hashtags=”cloud, tech”]
An unsettling number of employees are falling victim to phishing attempts. consistent with research from Verizon, people opened 30 percent of phishing messages, up from 23 percent last year. Of that 30 percent, 13 percent also opened the attachment, giving malware a transparent path to the network. Teach employees to seem for common characteristics of phishing emails:
Poor design
Incorrect spelling and grammar
Requests for private details
Suspicious attachments
URLs that don’t match the company’s primary domain (to view a URL without clicking a link, users can hover over the link with their cursor)
Respond appropriately to a suspected ransomware attack.
If employees suspect a tool they’re performing on has been impacted by ransomware, it’s critical that they pack up on the device immediately and notify IT.information technology colleges Ransomware wipes files within a group amount of your time , delaying action could end in data loss. albeit you've got backups and are ready to recover your systems, restoring the assembly environment can take as long as a couple of days, which could lead on to costly downtime.
For example, Lukas Hospital in Neuss, Germany, had complete backups of all systems in situ , but when it had been plagued with TeslaCrypt 2.0 ransomware, the hospital estimated that it might take up to 48 hours before its IT environment was fully functional again. As a result, 20 per cent of the hospital’s surgeries had to be rescheduled, and fewer critical care had to be temporarily shifted to other hospitals.
Apply security patches.
New security threats are continually surfacing, exploiting vulnerabilities in hardware and software. to guard their systems against these threats, users got to apply system patches immediately when prompted. Even delaying the updates by a couple of days could increase the likelihood of the system and network falling victim to ransomware attacks and other cybersecurity risks.
Create secure logins.


Avoid shadow IT.
As if the danger posed by human error and ransomware alone weren’t enough, shadow IT only aggravates the threat. Research from Cisco reveals that CIOs estimate that their organisation has 51 public cloud applications in use, but the particular number is more like 730. If your employees are uploading restricted data to an unauthorised cloud application – like Google Drive, Dropbox and Evernote – without proper encryption, this increases your security risk.
Encourage your employees to enlist IT’s help in selecting and implementing cloud solutions. The IT department should be empowered to act as a trusted adviser instead of merely a strict policy enforcer, which can minimise the likelihood of employees resorting to shadow IT.
Follow your organisation’s security policies.
Having clear, enforceable security policies in situ helps your employees know what data they need permission to look at and handle and the way they’re allowed to look at and handle that data. With most UK businesses (95 percent, consistent with a BT study) using mobile devices for work purposes, a bring-your-own-device (BYOD) policy may be a must.
Your BYOD policy should address issues like data security, remote management, data transfer, backups, data wipe and technical support (office or field based). If you're employed with a managed services provider for your IT support, make sure that the seller can assist with developing and supporting your BYOD program.
Retrain after a breach.
Having employees who are educated in security best practices reduces the prospect of unauthorised access to data also as ransomware compromising your data and network, but it’s not a fool-proof solution.information technology consulting Employees do still make mistakes. Unfortunately, Experian has discovered that a whopping 60 percent of companies that have experienced a breach make the error of not retraining staff after a breach has taken place. If a breach occurs, review what went wrong and have your employees undergo security training again, with special emphasis on weak areas.
Employees need to observe cybersecurity best practices, but you ought to do your part by ensuring your IT infrastructure is meant to guard against ransomware and other threats. to guard your perimeter, implement a network solution that has intrusion detection and prevention (IDS/IPS), deep packet inspection and perimeter anti-virus, and malware blocking.
Also be bound to copy your systems. If ransomware takes your systems hostage, paying the ransom isn't recommended, because it only encourages hackers, therefore the key to recovering your IT environment may be a reliable disaster recovery as service (DRaaS) solution that makes and updates an entire image of your system as frequently as you specify, sometimes whilst often as every quarter-hour .