Easily Control your Network, Anytime, from Anywhere Multi-site cloud managed Wireless Access Points purpose-built for business networks.
FOR BUSINESS
1300AC WiFi 5 MU-MIMO Cloud Managed Wireless Access Point L APAC 130 0 C
LAPAC1300C is an 802.11AC MU-MIMO Wave 2 Dual-Band (2.4GHz + 5GHz) Cloud Managed Access Point designed with 2x2 internal antennas for 1300 Mbps* total WiFi speed. All cloud managed access points can be configured remotely or with Zero Touch Provisioning using our cloud-native management portal. Key Features Enterprise Cloud Management No Recurring License Fee Cloud Hosted Captive Portal Splash Page 802.3af PoE and 802.3at PoE+ Compliant
Manage Unlimited AP’s and Sites 5 Year Warranty 1 Gigabit Ethernet Uplink Port 8 Wireless SSIDs
166 mm
Free Technical Support
Simple and responsive User Interface
Dedicated business support line
Linksys Cloud Manager’s intuitive user interface is fully responsive and mobile ready.
© 2020 Belkin International, Inc. All rights reserved.
PREPARING FOR THE NEW NORMAL
W
e have survived one of the biggest blackswan events of our lives. The pandemic has surely changed lives and the global economic landscape forever. Our cover story takes a look into how the pandemic obliterated businesses around the globe, impacted their operations, their struggle to embrace digital almost overnight and the security challenges they faced – and continue to face – in the process. Greater influx of digital users and a largely remote workforce that spends phenomenal amounts of time online – working, socializing, entertaining, and shopping – has contributed to attack surfaces expanding like never before. Use of myriad devices and an explosion in the number of digital touchpoints continue to provide cyber criminals with ample opportunities to execute complex attacks and maximize their exploits. Particularly disturbing is the rise in ransomware attacks, which in addition to forcing businesses to give in to the demands for ransom also result in stalling business operations for days together. Our cover story examines this challenge closely. The new normal will come with its own set of challenges and businesses must prepare themselves in advance to be able to build a flexible, nimble, and resilient cyber security posture. Also included in this edition is useful information about announcements, product launches, and initiatives to help you keep abreast of the market buzz. Last but not the least we are pleased to announce 14th Edition of our Annual ICT Champion Awards.
Content
Stay safe, stay healthy.
Vivek Sharma Managing Editor
COVER FEATURE
18
Impact of Covid-19on Cyber Security Artificial intelligence to the rescue
NEWS IN DETAIL
06
HP Brings Cutting-Edge Design and Flexibility to Power Hybrid Shopping Experiences
11
Disposable Nature of Tech is Putting Business Data at Risk
12
A10 Networks Positions the Channel for Growth, Finds Ways to Incentivise Partners
FEATURE
14
Proactive Measures Are Needed To Strengthen Security Posture
16
Security in the Brave New World of Connected Medicine
INTERVIEW
28
Suse Recommends A 4-Step Approach To Secure It Transformation
32
All Sectors Are A Target And Need To Improve Their Cybersecurity
Published by: JNS Media International (OMA Group Company) OMA House, P.O. Box: 3314, Sharjah, United Arab Emirates. Tel: +971 6 573 0000 | website: www.VARonline.com | Sales Inquiries: sales@var-mea.com All other Inquiries: info@var-mea.com | Editorial: editor@var-mea.com Disclaimer: While the publishers have made every attempt possible to get accurate information on published content in this Magazine they cannot be held liable for any errors herein.
www.VARonline.com
JULY 2021 3
TECHNOLOGY
NEWS BYTES
MICROSOFT LAUNCHES WINDOWS 11
M
icrosoft has announced the launch of its Windows 11 operating system that to enhance hybrid working and learning. With a suite of Microsoft's productivity tools, Windows 11 aims to enhance productivity and boost student engagement and employee satisfaction. “For many years, Windows has enabled partners to design the broadest array of devices – across form factors, styles, and features – to power businesses, educate students, and delight billions of consumers around the world,” said Nicole Dezen – Microsoft, VP, Device Partner Sales. “With Windows 11, we shall continue to deliver new experiences across our partners’ device portfolios.”
SOME OF THE NEW DEVELOPMENTS IN WINDOWS 11 ARE: Redesigned for productivity, creativity, and ease: Microsoft has simplified the interface design and user experience for enhanced productivity and creativity, for PC, Android, or iOS devices. A faster way to connect with people: Integrated Chat from Microsoft Teams into the Windows 11 taskbar will allow people to connect – through text, voice, or video – with their personal contacts, anywhere, irrespective of the platform or device they use. PC gaming experience: Microsoft Windows 11 features some of the latest gaming technology, including DirectX 12 Ultimate for immersive graphics at high frame rates; DirectStorage for faster load times and more detailed game worlds, and Auto HDR for a wider, more vivid range of colors, and a captivating visual experience.
Nicole Dezen VP, Device Partner Sales, Microsoft Get information faster: Windows 11 introduces Widgets – a new personalized feed powered by AI. Widgets delivers individualized content and a vibrant pipeline for global brands and local creators alike. A new Microsoft Store: The Microsoft Store has been rebuilt for speed, and features a new design that focuses on ease of use. Not only will it make more apps available, but it will make all content – apps, games, shows, and movies – easier to discover. A more open ecosystem: Microsoft Store will enable developers and independent software vendors (ISVs) to publish their apps regardless of how they are built, to provide more opportunity for developers to reach and engage larger markets. Microsoft has also announced a change to its revenue-share policies. App developers can now integrate their own commerce platform – or that of a third party – into their app, and keep 100% of their revenue.
LINKSYS AND FORTINET ANNOUNCE STRATEGIC ALLIANCE Fortinet Invests $75M in Linksys to Optimize Performance and Management of Home Networks
L
inksys, and Fortinet have announced a strategic alliance with the intent to further secure and optimize the performance and management of home networks in today’s work from home environment. Together, Fortinet, Linksys, and Foxconn Interconnect Technology will offer enterprisegrade connectivity and security and unparalleled quality of service to organizations that need to provide seamless and secure connectivity for their employees to efficiently work from home.
4 JULY 2021
As part of the alliance, Fortinet has made a strategic investment of $75M in Linksys, which provides leading and next-generation router connectivity solutions to consumers and businesses worldwide. In addition, Fortinet will appoint a representative to the Linksys Board of Directors. “We are pleased to welcome Fortinet as a strategic partner in providing secured connectivity for consumers and remote professionals. The collaboration is a testament to the ongoing strength
www.VARonline.com
FOUR STEPS TO HYBRID WORKPLACE SUCCESS By: Morten Illum, EMEA Vice President at Aruba, a Hewlett Packard Enterprise company
A
fter the initial rush to overhaul networks to enable work from home at the start of the pandemic, many other organizations have now set their sights on the next stage of workplace transformation: the hybrid workplace. The move to hybrid working presents many new challenges for organizations, which is also indicative of greater business challenges – constant change and uncertainty. As they look to revamp their networks to support hybrid working, many business leaders are struggling to understand how the investments they make now can deliver long-term value and set their businesses up for maximum agility. No one wants to risk spending money on setting up a new office only to find employees would rather prefer working from home. To help bring some clarity, Aruba has put together a roadmap to longterm hybrid workplace success. It is a four-step guide with actionable advice from our experts on building a network that supports the next stage of workplace evolution and
beyond. It includes: 1. Defining your hybrid working strategy – While leaders are understandably eager to kickstart their office redesign and get employees back in, they must first determine the right hybrid working strategy for their businesses depending on their unique experience of the pandemic. 2. Integrating the longer-term home office into your hybrid
Ken Xie Founder, Chairman & CEO, Fortinet
workplace – Working from home was a reactionary solution to Covid-19. However, now that we all can do it, it is here to stay. If organizations wish to enable their employees to successfully work from home in the long-term without impact or risk, they will need to strengthen their remote foundations – before they even start thinking about the physical office. 3. Reimagining physical office and its connectivity needs – Designing an office that can work for the new reality and near future will challenge organizations to rethink everything from their network infrastructure to physical architecture. From smaller, better utilized spaces, to hyperaware buildings and the connectivity to support them. 4. Financing the workplace of tomorrow, hybrid or otherwise – The hybrid workplace model will need fast, reliable wireless connectivity and a unified, automated and secure network. And for most organizations, this will mean investing in their IT infrastructure.
and reach of the Linksys business. We look forward to leveraging Fortinet’s proven cybersecurity expertise to capitalize on new opportunities,” said Sidney Lu, Chairman and CEO of FIT Hon Teng. “When organizations implement telework at scale, cyber criminals leap at the opportunity to exploit the numerous security gaps that arise. Security-driven networking—a strategy that converges networking and security across the connected environment, from the core, into the cloud, and to the branch and remote workers —enables organizations to see and defend today's highly dynamic environments while preserving an excellent user experience. We are excited to partner with Linksys to deliver highly secure, reliable network connectivity for home-based workers,” said Ken Xie, Founder, Chairman of the Board and CEO at Fortinet.
www.VARonline.com
JULY 2021 5
TECHNOLOGY
NEWS BYTES
TECHNOLOGY
NEWS IN DETAIL
HP BRINGS CUTTING-EDGE DESIGN AND FLEXIBILITY TO POWER HYBRID SHOPPING EXPERIENCES HP Engage Portfolio continues to enable businesses to deliver convenient, secure, and personalised experiences for today’s consumers throughout their business - whether fixed in store or mobile for curbside pickups.” Part of the world’s most secure point-of-sale systems , from traditional to mobile, HP has a portfolio of solutions to empower associates and engage customers.
INTEGRATED PAYMENT, INFINITE POSSIBILITIES
H
P Inc. expanded its Engage portfolio with the new HP Engage Go 10, a convertible system built to thrive on-the-go and serve customers from anywhere, and HP Engage Flex Mini, a powerhouse mini designed to meet the demands of customer applications across verticals. Over the last decade, businesses of all sizes have had to adapt and become more agile as consumer behaviour has evolved, including an expectation for anytime, anywhere access to their content, to businesses, and to brands. In a recent study, 76% of U.S. apparel executives said they plan to improve omnichannel integration in stores to adapt to changing market conditions and consumer behaviour. For many retailers, the global pandemic was an accelerant for omnichannel initiatives such as curbside pick-up and ship from store. HP is designing technology to help businesses create experiences that consumers expect with reliable performance and the agility needed for convenient,
6 JULY 2021
secure, and personalised shopping experiences. Many of the new shopping and engagement habits that consumers have adopted during the pandemic will become their new normal. It is no longer about online vs. in-store shopping, it is about creating seamless, integrated experiences that blend across the various channels to meet customer needs. Brick-and-mortar stores play a vital role in the customer journey by providing the immediacy and hands-on experience that consumers value. “As consumer behaviours and shopping habits continue to evolve, businesses need to remain laser-focused on connecting with consumers in new and exciting ways,” said Cory McElroy, vice president and general manager, Retail Solutions, HP Inc. “The new HP Engage Go 10 and HP Engage Flex Mini reflects HP’s commitment to delivering technology solutions to retailers and hospitality operators that combine sleek designs, expanded capabilities, and the reliability and security needed to run a wide range of operations www.VARonline.com
According to National Retail Federation, convenience is increasingly being defined by contactless shopping, on-demand fulfillment, and inventory availability with retailers that offer convenience driving maximum market growth. To help businesses deliver enhanced, seamless, and contactless interactions with consumers, HP is collaborating with Ingenico, a Worldline brand, a global leader in payments, to integrate payment capabilities into the HP Engage products. With the initial integration option on the Engage Go 10 tablet, enabling businesses to accept most major payment card methods in the U.S and complete transactions onthe-go. “To keep with evolving consumer expectations, merchants need to be flexible with where they can provide assistance and accept payment – whether at the counter, in the aisle, at the curb or anywhere else they interact with the customer – to provide a superior customer experience,” said Skip Hinshaw, Head of Customer Engagement, North America for Ingenico, a Worldline brand. “Together with HP, we’re ensuring that their customers Continued on Page 8
With Open Source Solutions and Global Services from SUSE
We give customers the freedom to innovate everywhere.
TECHNOLOGY
NEWS BYTES
HUAWEI SHOWCASED UPDATED CYBERSECURITY FRAMEWORK AT GISEC 2021
H
uawei participated at GISEC 2021, one of the most influential cybersecurity event in the MENA region, during May 31 to June 2, where it showcased capabilities in smart government, Cloud, and 5G. Aloysius Cheang, CSO for Huawei UAE, spoke on 'Achieving shared success in cybersecurity, the Huawei way: Through technology Innovation and bridging cybersecurity divide via open standards and technical collaboration', 'The 'Splinternet': its impact on Cybersecurity', and 'Regional PPP on intergovernmental organization and big tech'. Huawei experts also spot lighted topics such as 5G in Vertical Industries, Securing the 5G Era, and Supply Chain Cyber Risk. Commenting on Huawei’s participation at the event, Jiawei Liu, CEO of Huawei UAE, said: "GISEC 2021 could not have come at a better time. The accelerated digital trends in the past year have significantly expanded the need for cybersecurity in organizations. Therefore, organizations must reinforce their security posture and boost their cyber defense capabilities." Of the solutions Huawei
showcased at the event included ‘Huawei Smart Government solutions Huawei Cloud, and Enterprise Intelligence (EI) solution. Experts from the company also highlighted how 5G can empower industries within the context of the Fourth Industrial Revolution. Aloysius Cheang, CSO Huawei UAE, said: "At GISEC, visitors could learn about how we collaborate with governments, customers, and partners to tackle cybersecurity and privacy challenges. Our technology solutions, built from the ground up with security in mind, can meet our customers' demands while
nurturing a vibrant ecosystem that will uplift the entire profession and promote innovation." “Cybersecurity and privacy protection is not the responsibility of only one enterprise, nor can it be achieved by one enterprise alone. It needs to be built by the whole society. With the use of advanced technologies accelerating more than ever, particularly in the post-pandemic era, we need to keep pushing the boundaries of technology and driving digital transformation forward in a secure and safe cyberspace,” Jiawei Liu, concluded.
Continue from Page 6 are able to foster a strong customer experience that is not only quick and efficient, but also helps drive revenue and stronger loyalty.” “Powered by 11th Gen Intel® Core™ i5 processors, the new HP Engage Go and Engage Flex products will help retail and hospitality meet the rapidly evolving needs of consumers, by facilitating new transaction and fulfillment capabilities that have evolved from niche offerings to mainstream channels in the wake of the Covid-19 pandemic,” said Joe Jensen, VP, Internet of Things Group and General Manager, Retail, Banking, Hospitality, and Education at Intel.
ELEVATING EXPERIENCES WITH HP ENGAGE TECHNOLOGY The HP Engage Go 10”, a tablet-based convertible
8 JULY 2021
solution, allows sales associates to easily transition between fixed and mobile operations. Starting at 726 grams/1.6 pounds, the mobile and lightweight device is designed to integrate key accessories such as a barcode scanner and fingerprint reader directly into the tablet, providing users with greater on-the-go portability. The option to integrate the Ingenico Moby 5500M payment device into the tablet allows businesses to accept a variety of electronic payment methods, no matter where the customer is located, inside or outside the store. HP Engage Go 10” also utilises the new HP Engage Link software, providing even greater mobile capabilities by bringing remote connectivity to peripherals stations throughout the store allowing them to reduce customer wait times and provide a more frictionless experience.
www.VARonline.com
TECHNOLOGY
NEWS BYTES
VULNERABILITY ON QUALCOMM'S MOBILE STATION MODEMS PUTS ANDROID USERS’ PRIVACY AT RISK
C
heck Point Research (CPR) has found a security vulnerability in Qualcomm’s mobile station modem (MSM), the chip responsible for cellular communication in nearly 40% of the world’s phones. If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations. Found in many high-end phones from Google, Samsung, LG, Xiaomi, and One Plus, Qualcomm MSM vulnerability could have potentially allowed an attacker to unlock a mobile device’s SIM. CPR has alerted Qualcomm who now fixed the issue, and mobile players have been notified.
patch it from an application processor. This would have allowed attackers to use this vulnerability to inject malicious code into the modem from Android, giving them access to the device user’s call history and SMS, as well as the ability to listen to the device user’s conversations. A hacker could also exploit the vulnerability to unlock the device’s SIM, thereby overcoming the limitations imposed by service providers on it. CPR found that if a modem debugger is implemented to explore the latest 5G code, the easiest way to do that would be to exploit MSM data services through QMI. The vulnerability discovered in the modem data service could be used to control the modem and dynamically
TREND MICRO NAMED LEADER IN GARTNER’S 2021 MAGIC QUADRANT
T
rend Micro has announced that it has been positioned by Gartner as a Leader in the Magic Quadrant for Endpoint Protection Platform, for its Trend Micro Apex One. The evaluation was based on specific criteria that analyzed the company’s overall completeness of vision and ability to execute. Trend Micro Apex One endpoint protection platform features coverage against today’s critical threats. It protects customers using a range of techniques including virtual patching, which protects against attacks until the vendor patch is applied. “It has been our constant endeavor to support and protect our customers in their journey in the digital world,” said Dr. Moataz Bin Ali, VP and Managing Director, Trend Micro Middle East and North Africa. “We are being extra-heedful in empowering them to strengthen their stance against the evolving threat landscape in these unprecedented times where bad actors are targeting distributed workforces and vulnerable infrastructures. Recognitions of this stature add life to our feat, encourage and bolster us to continue to focus on offering innovative, robust and industry-
10 JULY 2021
leading protection to our customers across the region through our cybersecurity platform.”
www.VARonline.com
DISPOSABLE NATURE OF TECH IS PUTTING BUSINESS DATA AT RISK
Rick Vanover Senior Director Product Strategy, Veeam
A
s technology becomes part of our everyday lives, the lifecycle of our devices has become shorter. This is posing a huge issue to the sprawl of data, as many people abandon their old devices at second-hand stores (thrift shops) or sell them to new owners without thinking about the data and personal information left on them. A number of people, working from home, use their personal devices for work, making it difficult to control or manage an organization's data, especially when a device is sold on to its next home, left behind at a second-hand store, or thrown away. IT teams have less control over employees’ personal devices which makes protecting the data on it challenging. Things like a lack of encryption or outdated operating systems can lead to potential hacks and data loss. Furthermore, trends like BYOD (Bring Your Own Device) are gaining popularity and making it harder for organizations to keep track of data. There are some key parameters that organizations need to consider when implementing a cyber security strategy. These include:
PROTECTIONS In the event, educating the staff fails, IT teams can manually deploy some protections to mitigate risks. These include: •
•
•
•
EDUCATING STAFF Educating the staff to make them understand the risks involved with using personal devices for work, discarding old devices, and setting up the right protections within an organization is the first step in managing data. Employees should be trained in the security practices followed by the organization and how to properly wipe the contents of their phones if they eventually discard it to a second-hand store. They should also be educated on how to identify potential
malware, phishing, or ransomware attacks on their personal devices, as early identification of these threats can mitigate risk of data being lost.
Constant software updates – if employees opt to use their devices for work purposes, provide them with the support necessary to deliver these updates. Password security – to minimise security risks, roll out a compulsory monthly password change. Also ensure to put up restrictions around the type of passwords employees are using, making it less obvious to potential hackers. Encrypt data for protection – smartphones and tablets have encryption options that can provide storage protection, lowering the risk of being hacked. Clear all phone data – if employees decide to move on to a new device or stop using their current devices, ensure deletion of all data from that phone according to a strict policy around discarding devices.
As work from home has become the new normal, it is becoming increasingly complicated to manage the sprawl of a company’s data. It’s important for IT teams to understand all the risks as their companies take on more flexible working arrangements in the new future.
www.VARonline.com
JULY 2021 11
TECHNOLOGY
NEWS IN DETAIL
TECHNOLOGY
NEWS IN DETAIL
A10 NETWORKS POSITIONS THE CHANNEL FOR GROWTH, FINDS WAYS TO INCENTIVISE PARTNERS By: Chris Martin, Channel leader for EMEA & SAARC, A10 Networks
T
he rise in a globally dispersed workforce and new work-from-home requirements are placing extraordinary pressure on organizations’ networks. At the same time, Covid-19has accelerated digital transformation across many industries, with a shift towards hybrid and multi-cloud to service both customers and employees in this new environment. These changes underline the importance of operational efficiency, management, visibility and security for organizations. This is where A10 Networks and its channel partners can ensure customers’ datacentre applications and networks remain available, resilient and secure in the months ahead. With a hundred percent of the our business transacted through channel partners in EMEA, partners are central to A10 Networks’ plans. The pandemic has not affected our commitment nor our investment in the channel. We made huge investments in our partner ecosystem and our Affinity Partner Programmeme over the last year or so. We have focused on three key areas: education, engagement, and deal registration, and we currently have underway five key channel initiatives, which include developing our distribution relationships, deal registration, partner ecosystem, organic leads, and channel enablement. Given our focus on key vertical sectors, we are looking to work with partners who have specialist vertical market capabilities.
TRAINING AND CERTIFICATION Training is key to this enablement and we are enabling our partners to obtain the technical certifications needed to help their customers navigate this new environment. We launched new sales and technical training certifications this year, such as Sales Associate Training and Technical Associate for Service Providers Training, free of charge and aligned with our new branding and latest products and solutions.
DISTRIBUTION IS KEY TO GROWTH We have doubled our distributor presence across our territories. We have onboarded 11 new distributors in the 18 months from mid-2019 to December 2020 in EMEA and SAARC. Regardless of the type of distributor, we have established KPIs for distribution around recruiting partners, net new revenue, certification, and lead generation.
12 JULY 2021
RECOGNISING PARTNERS AND INDIVIDUALS WHO GO ABOVE AND BEYOND We have created a new channel awards Programmeme, known as Elevate to recognise and reward individuals and companies within our channel community that go above and beyond to drive business with A10. Any member of the A10 channel community is eligible within EMEA and SAARC. Since, technical teams don’t always get rewarded for their contributions, we have created ‘Tech Packs’, which provide a range of goodies for techies who successfully complete certain certification levels.
PATH TO PLATINUM Our Path to Platinum Programmeme is designed to accelerate our partners’ growth, and enable Bronze and Gold partners to achieve the highest accreditation in the A10 Networks.
www.VARonline.com
FEATURE
GOOD LIFE TECHNOLOGIES
I
n the new normal, everyone is working from home and keyloggers can be found in the majority of devices. That, however, does not discount the threats in a physical office environment where despite the secure office LAN, employees open sensitive business applications. As a result, unintentional security breaches have become commonplace. The worst part, however, is that it remains unnoticed for several days or weeks until records or databases are compromised and gets picked up by the application owners.
Although, technologies and solutions from several vendors are available at extremely low prices, the uptake is poor, probably because of the notion that anti-virus and VPN can suffice. It is shocking to learn about the availability of commercial proposals starting at one AED per day per user for up to three devices protected.
REMOTE WORK IS HERE TO STAY The new normal has redefined the way we work and remote working is here to stay. However, security gaps exist as despite the low costs some
Sandeep Chabra Founder, Good Life Technologies
PROACTIVE MEASURES ARE NEEDED TO STRENGTHEN SECURITY POSTURE The Covid-19pandemic has unleashed many challenges for businesses in terms of cyber security. The biggest and the most undeclared or unadmitted security hazard has been ransomware attacks. This is mainly due to little, or no, control of the organizations on end-user devices. Kubernetes security, an open source project, can play an important role herea Another major challenge is an increase in uploads and downloads of documents in B2C as well as B2B sectors. The biggest cause, again, is the end user device condition that cannot be controlled or monitored. Policies that allow uploads to DMZbased repositories increase the risks to all servers in the DMZ from potential hackers. During the pandemic, public cloud as a platform has been embraced with open arms, as based on the security processes deployed and offered by cloud providers, it is considered secure. However, end user devices still remain out of control of cloud providers or organizations. As a result, organizations depend on the basic security measures offered by the providers and use VPNs as the preferred method to connect to business applications. This lacuna is one of the main reasons behind sites getting compromised, as has been revealed in most forensic studies of compromised sites in the UAE and Middle East.
14 JULY 2021
of the security measures such as end-to-end encryption (from user to server, server to server, or server to user), scheduling relevance of data shared, auto killing data on expiry, and two factor authentication are not implemented widely. These critical security measures cost a company less than 100K AED or 30K USD per annum for unlimited usage and are inclusive of implementation and support costs. These security measures are a prerequisite for banks, healthcare, e-commerce, insurance, manufacturing, and trading sectors.
KUBERNETES SECURITY CAN PLAY A KEY ROLE Furthermore, the number of commercially adopted applications have exploded in the last five years. Whether it is on public cloud, onpremise, or hybrid, it is impossible to find an enterprise that does not collaborate on at least 10 projects from 3-5 vendors. Open source bouquet of projects can be found at each level of www.VARonline.com
the IT stack – platform, operations, management, security, and backup. Kubernetes security can play an important role here. Kubernetes is an open source project that has garnered wide acceptance from organizations involved in the application modernization journey. Several open source projects facilitate containerizing the platforms for applications and databases, orchestrating them for optimum usage according to customer volumes and needs, and managing them. Inter-container and intracontainer security is another topic of interest and gaining popularity with CIOs, CISOs, and audit teams.
MILLIONS OF TECHNOLOGIES TO HELP IMPROVE USER MANAGEMENT PRACTICES It is important to note that we cannot control the type or OS of the device being used by end users – and we are not even considering the condition and version of the device. Therefore, instead of reactive methods, it is recommended to take proactive measures to strengthen security. The message should be clear that regardless of the device being used, it should follow the defined protocol for access otherwise get blocked.
FEATURE
FORTINET
SECURITY IN THE BRAVE NEW WORLD OF CONNECTED MEDICINE By - Joe Roberson, Director of Information Security, and EMEA CISO at Fortinet
INDUSTRY PERSPECTIVES
in the totality of the ecosystem that is connected medicine.”
Connected medicine is having a growing impact on all of our lives. It is an exciting combination of data, technology, and pharmaceutical expertise. It is significant for the pharmaceutical industry because of the balance between the great value it offers and the risks that must be managed. What Does Connected Medicine Mean? It may be easiest to think of all medical data as an ecosystem waiting to be connected. It is also known as the Internet of Medical Things (IoMT) – full of medical devices and applications that connect to healthcare information technology systems using networking technologies. The global IoMT market was valued at $44.5 million in 2018, and is expected to grow to $254.2 million in 2026, according to AllTheResearch. The pharma industry requires data from within the IoMT to solve today’s challenges.
PATIENT-CENTRICITY DRIVES CONNECTED MEDICINE Technological advances have helped the pharmaceutical industry to think differently – above all, to ensure integrity of the data it uses. This is because if compromised, it can be a matter of life and death. As people take a more proactive view of their health and live longer, complex challenges that require more niche treatments arise. In addition, government expectations of the pharmaceutical industry, coupled with huge leaps in technology, have led to extensive use of operational technology, connected
16 JULY 2021
COLLECTIVE VISIBILITY IS ESSENTIAL IN MEDICINE
medicine and, ultimately, the connected patient. It is a symbiosis where patients generate raw data, that data is cleaned and then provides insights to better treat the patient. Dataheavy processes and advances, have forced a re-evaluation of business models. But data is useless, unless it can be harnessed for insights. To mine data, you need technology – artificial intelligence (AI). From injectables to telemedicine, wearables to e-learning – the data harvested is highly valuable. It can be used to power various collaborations, aided by AI and machine learning to speed up processes. Partnering with the outside world, beyond existing networks, promises an exciting future, with drug manufacturers increasingly seeing themselves as holistic health service providers. Simon Roach, Head of Transformation and Operations at eClinicalHealth Ltd and former CIO of Global Pharmaceuticals R&D for GSK, recognizes the “great variety of different parties, all with an interest www.VARonline.com
By integrating and protecting every edge in the infrastructure with a cybersecurity platform data transformation is possible. Jessica Riccio, Vertical Marketing Manager at Fortinet, explains: “Close to 60% of patients’ phone apps are in some way helpful to connected medicine, offering a stream of live data points, awaiting analysis.” This data needs to be integrated securely taking into account data compliance needs as well. Christopher Callahan – Chief Information Security Officer at Weichert Companies and ex Director, Global IT Risk & Compliance, Cyber Security Operations, Novartis, says, “if you partner and work with a business, security and compliance are part of the process. It doesn’t have to be a blocker or an inhibitor, it can actually be an enabler, promoting a culture of collaboration that shares a secured responsibility.”
PATIENT, INNOVATION, AND COLLABORATION Pharmaceutical organizations can only succeed and grow with a secure flow of data across connected IT and OT environments within complex, evolving ecosystems. Reducing risk and harnessing life science data can unlock potential. Like a currency, insights gained continue to inform discovery and fuel growth. Troy Ament, Chief Information Security Officer at Fortinet, expands on it, “with a strong security culture, you have an organization that's going to embrace all of the risk.”
NUTANIX LAUNCHES SERVICE PROVIDER PROGRAMMEME FOR HYBRID AND MULTICLOUD SOLUTIONS
N
utanix has announced the launch of 'Nutanix Elevate Service Provider Programmeme' to enable service provider partners – including managed and cloud service providers – to build differentiated hybrid and multicloud services. The Programmeme aims to help service providers improve margins and agility by addressing the lockin and minimum commitment requirements encountered in traditional service provider vendor models and Programmeme. “As the demand for managed and cloud services surges, service providers are uniquely positioned to assist an organization’s growth, optimization initiatives, and digital transformation needs,” said Christian Alvarez, SVP Worldwide Channels at Nutanix. “Through the Nutanix Elevate Service Provider
NUTANIX ELEVATES SERVICE PROVIDER PROGRAMMEME DETAILS
Christian Alvarez SVP Worldwide Channel, Nutanix Programmeme, we are rewarding our partners’ commitment in delivering high value IT cloud service offerings and helping them maximize profitability and increase their revenue growth potential through premium offerings.”
The Programmeme adds two partnership levels to Nutanix Elevate: Authorized Service Provider and Professional Service Provider. will deliver differentiated services for enterprise organizations. Partners that join the Programme will be able to take advantage of all the benefits outlined in the Elevate Service Provider Programme Guide including training, Not For Resale (NFR) and Nutanix XLAB software licenses, and enablement support. Professional service provider partners can gain expanded support from Nutanix, which includes marketing materials, potential market development funds, sales tools, goalbased financial incentives and rebates, and personalized insights in to Nutanix’s Partner Portal.
INGRAM MICRO SIGNS DISTRIBUTION AGREEMENT WITH CROWDSTRIKE
I
ngram Micro, the global technology and supply chain services provider, has announced the signing of a distribution agreement with CrowdStrike. This agreement will scale Ingram Micros’s training, quoting, and fulfillment of CrowdStrike to reseller partners in the region. Dr. Ali Baghdadi, SVP & Chief Executive Ingram Micro META Region; and EMEA Cyber Security, commented, "We are delighted to team with CrowdStrike, a company recognized as a leader in endpoint protection by security professionals, industry analysts, and independent testing organizations across the United Arab Emirates, Bahrain, Kuwait, Qatar, Pakistan.” The demand for cybersecurity has been driving millions in
investments for institutions of all sizes, Baghdadi continued. “Companies of all sizes are increasingly vulnerable to cyber-attacks that can generate significant financial losses and other irreparable corporate risks such as those related to compliance and GDPR. We believe in the ability of CrowdStrike's Falcon platform to help meet this growing market demand, as platform is flexible and extensible when it comes to meeting our customers' endpoint security needs." “We are excited to welcome Ingram Micro as a CrowdStrike partner,” said Mohamad Bitar, CrowdStrike’s Regional Alliances Manager, META. “Their deeply experienced and dedicated technical team has the ability to reach www.VARonline.com
Dr. Ali Baghdadi SVP & Chief Executive, Ingram Micro META Region & EMEA customers and resellers across the Gulf. Ingram Micro also has a wide scope, focusing on SMBs and mid-market and replacing legacy antivirus for customers.” JULY 2021 17
TECHNOLOGY
NEWS BYTES
COVER FEATURE
CYBER SECURITY
18 JULY 2021
www.VARonline.com
www.VARonline.com
JULY 2021 19
COVER FEATURE
CYBER SECURITY
T
he biggest blackswan event of recent times, the Covid-19 pandemic, has upended lives in unprecedented ways. Businesses scrambled to continue operations and had to transition to the digital mode almost overnight. This hurried transition placed unprecedented demands on their digital infrastructures and the role of information technology – comprising data centres, cloud systems, servers, and more – became more critical than ever.
REMOTE WORKFORCE HAS EXPANDED THE ATTACK SURFACE With restrictions on movement, people had to rely on digital channels for practically everything—shopping, entertainment, socializing, and of course work. This has given rise to a new normal, where the majority of activity is through digital channels and the workforce is remote. It has also compounded the threat to an organization's security posture. “Threats that were once thought to be two or three years away are now a reality, with do-ityourself, cloud-based tools creating an army of cyber criminals armed with the same devastating force and impact of a nation-state or larger criminal enterprise,” says Mohamed Abdallah, Regional Director for Middle East, Turkey and Africa at SonicWall. As organizations adapted to the demands put forth by evolving work dynamics, they increasingly relied on cloud-based collaboration tools, video conferencing, and many other productivity tools to make remote working seamless for their employees. Furthermore, employees are using their personal devices to access business networks, which has resulted in expansion of an organization's perimeter. In addition to work, people used their devices to shop, play online games, watch streaming video content, and even socialize. There was a sudden surge in online activity with many first-time users taking the digital route. According to McKinsey, digital adoption during the initial global lockdowns, surpassed the projections by more than five years. This heightened online activity has opened up new attack vectors and allowed cyber criminals to recalibrate their attack tactics in order to exploit these novel avenues. Cyber criminals took advantage of the initial panic around the pandemic to launch a variety of
20 JULY 2021
malicious attacks, which included spam, business email compromise, ransomware, setting up malicious websites, and phishing campaigns, among others. A PricewaterHouseCoopers survey estimates that total fraud losses amounted to US$42 billion with 13% of the respondents losing in excess of US$50 million. Phishing was the most common method employed by cyber criminals to extract valid user credentials. Some of the Covid-19themed attacks included phishing emails laced with malicious attachments, which when opened would install malware on the user's system and steal user data. There was a proliferation in the number of fraudulent websites promising cure or vaccine related information, order masks and sanitizers, or to solicit donations for the underprivileged. An employee working from home can access the internet unchecked, unlike in an office setting where security policies may prohibit access to certain websites, disable USB drives, and many other security measures are implemented. With remote workers spending significant amounts of time online, digital fatigue can make them
Multi factor authentication (MFA) can limit the risks of weak passwords and, therefore, significantly decrease the possibility of cyber attacks,”
www.VARonline.com
Ram Narayanan Check Point Software Technologies, ME.
prone to making more mistakes than they usually would. They may click on malicious links resulting in compromise of the organization's enterprise network. It is estimated that 47% of people working from home fall prey to a phishing scam. Work from home users are also more vulnerable to risks such as IP theft. “Even the businesses that return to a majority of in-person work, may still have some people working remotely, either on a long-term or short-term basis. With this in mind, organizations need to look for a solution that brings security and networking together,”advises Alain Penel, Regional Vice President – Middle East Fortinet.
CHALLENGES FROM RANSOMWARE In addition to Covid-19themed scams, there was a spurt in ransomware attacks against many businesses, forcing them to shut down operations. According to Statista, there were a total of 304 million ransomware attacks worldwide in 2020, a 62% rise over the previous year. Ransomware is a type of malicious attack where cyber criminals lock down the operating system or encrypt data by injecting malware and extorting money in return. Ransomware attacks are commonly launched against large organizations as they have large volumes of data and the money to pay ransoms, which allows cyber criminals to make money quickly. Businesses are often forced to give in to the ransom demands as cyber criminals release data in the public domain. For instance, in January 2020, a global management company faced a ransomware attack and refused to pay for the compromised data. The company decided to use its own recovery methods. However, cyber criminals threatened the company of releasing nearly 5GB of stolen data, which would result in the company possibly breaching the European Union's GDPR directive that mandates organizations to ensure protection of data. Similarly, cyber criminals used Maze ransomware to attack an organization engaged in medical studies and leaked personal details of thousands of patients. Ransomware attacks were also reported on biotechnology firms engaged in researching possible Covid-19treatments. There is growing evidence that networks of companies where employees are working remotely are a more likely target for ransomware attacks. Cyber criminals
Mohamed Abdallah Regional Director, META, SonicWall
were already becoming more strategic in their approach to executing ransomware attacks, and the pandemic provided them with the opportunity to double their exploits. They not only resorted to stealing data, but also made efforts to locate and encrypt online backups. The scale at which ransomware attacks are growing is alarming. Between June 2019 and June 2020, there was an estimated 108% increase in ransomware attacks, while attacks on IoT networks went up 833%. Ransomware attacks are also becoming more sophisticated. Cyber criminals are leveraging data breach incidents to execute ransomware attacks and force victims to pay up. Use of unseen malware that stood at 20% before the pandemic climbed up to 35% during the pandemic. In the UAE, 78% of the businesses were impacted by ransomware in 2020, a 66% increase over 2019, reports the recent Mimecast report 'The State of Email Security'. On an average, these businesses lost six working days to downtime. Ransomware has emerged as a serious challenge for businesses, as cyber criminals are executing these attacks
www.VARonline.com
JULY 2021 21
COVER FEATURE
CYBER SECURITY
COVER FEATURE
CYBER SECURITY
Alain Penel Regional Vice President, ME Fortinet
faster, recruiting low-wage human attackers to achieve scale, and using ransomware-as-a-service available freely on the dark web. Businesses, however, are in a catch 22 situation—they face monetary losses if they comply with the demand to pay up ransom, and face the risk of stolen data being made public if they choose not to pay. In either situation, brand reputation is damaged, which is a rather long-term loss.
MULTI-FACTOR AUTHENTICATION CAN ADD A LAYER OF PROTECTION To confront the evolving risks, especially in an environment where a large workforce is remote, it is essential that businesses restrict access to their networks and ensure only authorized users can access business resources. It is, therefore, essential that organizations deploy measures to authenticate users. “Since many systems can be accessed from anywhere, a compromised password makes it possible for an attacker
22 JULY 2021
to gain unauthorized access to a user account. Multi factor authentication (MFA) adds an additional layer of protection and its implementation can limit the risks of weak or breached passwords and, therefore, significantly decrease the possibility of cyber attacks,” says Ram Narayanan, Country Manager, Check Point Software Technologies, Middle East. MFA can help organizations control and monitor access to the business networks. MFA requires two or more elements to verify a user, which include knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is). “For organizations that will continue to be reliant on legacy apps, bringing in MFA is critical,” informs Mohamed Abdallah of SonicWall. There are multiple ways of authentication using MFA, namely: by app, by text, and by a token device. However, businesses must avoid MFA using alternate email, push notification, or a phone call. “Organizations can minimize the impact of a potential attack by limiting access to only necessary information and segment access. Segmentation minimizes the risk of ransomware spreading uncontrollably across the network,”says Ram Narayanan.
RISE OF ARTIFICIAL INTELLIGENCE DURING THE PANDEMIC Artificial intelligence (AI) was already growing in leaps and bounds before the pandemic struck. There were multiple use cases where AI was helping solve complex problems. However, due to the pandemic, organizations invested increasingly in AI for automation so as to expedite remote work, enhance customer experience, and reduce costs. According to Appen's State of AI 2020 Report, 41% companies have accelerated their AI strategies during Covid-19and 75% of the respondents consider AI to be critical to their success. During the pandemic, AI helped scientists and governments harness patient data, find patterns in data, unearth risk communities, monitor people movement, and contact tracing. Robot disinfectants and automatic thermal checks at public places proved helpful for healthcare and essential workers. AI played a key role in delivering medicines and
www.VARonline.com
essential supplies through drones, as well as promoting public safety. It also helped keep people informed and safe during the pandemic through information availability and connectivity. AI made mobile geolocation analysis of lockdown perimeters easy and even helped create prediction models that facilitated staggered lifting of lockdowns. The industries that benefited the most from AI during the pandemic, according to the World Economic Forum, include retail, education, and healthcare. • Retail: From facilitating no-contact pick-up and delivery of meals, making reservations at local stores, and development of autonomous stores, AI has enabled consumers to shop seamlessly during the various stages of the pandemic. • Education: With global lockdowns in place, schools transitioned to online classes. AI-powered smart learning technologies are helping create virtual tutors and learning software that incorporates multiple languages. • Healthcare: One of the earliest uses of AI in healthcare was speedy analysis of MRI and other imaging systems to help detect and diagnose the virus. During the pandemic, many patients turned to virtual visits and availed of telehealth. The need for social distancing have spurred companies to create AI-powered contactless check-in options for patients who need in-person visits. Furthermore, many healthcare organizations are now using chatbots to address basic queries of patients, scheduling appointments, and triaging visits. Artificial intelligence continues to help businesses strengthen their security posture against evolving cyber threats. Together with machine learning (ML), AI helps businesses detect and respond to suspicious behaviours in near real-time, without the need for human intervention. “These technologies can effectively compensate for the cybersecurity skills gap and leave more meaningful and high-value work for the humans involved, thereby increasing staff retention,” says Penel of Fortinet. Since the post-pandemic world will largely be digital, AI will play an increasingly important role in our daily lives.
ATTACKS ON CLOUD SERVICES The unprecedented speed at which businesses shifted to remote work arrangements, when the pandemic
Artificial intelligence and machine learning can effectively compensate for the cybersecurity skills gap and leave more meaningful and high-value work for the humans involved, thereby increasing staff retention,” Alain Penel Regional Vice President, ME Fortinet
struck, was made possible due to cloud computing. Cloud emerged as the perfect platform in this hour of uncertainty, providing businesses with the flexibility to adjust and right-size their network infrastructure needs. As per a McAfee report, cloud computing increased by 50% between January and April, while use of collaboration services rose by 600 percent. This spike in use of cloud was closely followed by a spike in attacks on cloud. According to McAfee, remote attacks on cloud service targets rose by a whopping 630% amid the pandemic. Cyber criminals devised innovative ways to compromise data, disrupt services, and weaponise the cloud. They took advantage of the hasty migrations to launch distributed denial of service attacks (DDoS) such as the one launched against the US Department of Health and Human Services. They exploited cloud security through phishing scams and disseminated emails purportedly from reliable government sources and World Health
www.VARonline.com
JULY 2021 23
COVER FEATURE
CYBER SECURITY
COVER FEATURE
CYBER SECURITY
brokers can help protect data using an on- or off-premise tool that allows monitoring cloud activity and enforces security policies of the enterprise. Organizations can consider using automated security tools, ensuring cloud configurations are right to begin with, and training their employees on cloud security. “Organizations deploying hybrid clouds, as with other environments, should have comprehensive, real-time visibility into 100% of their data flows,” advises Ram Narayanan of Check Point.
DATA PRIVACY AS A DISCIPLINE
Ram Narayanan Country Manager, Check Point, ME
Organization (WHO) to play on the anxiety and panic around the pandemic to trick recipients into clicking malicious links or downloading malware-infected attachments. Malware can spread through the cloud system rather quickly to compromise critical data and applications. “Accelerated adoption of cloud has brought targets one step closer to their adversaries with the potential to search for and target a larger and more dispersed attack surface area over the internet,” informs Harish Chib, Vice President, Sophos, Middle East and Africa. Due to paucity of time during transition, proper IT governance policies to ensure optimum usage of resources could not be put in place. This has left large lacunae for cyber criminals to exploit, as it is possible that remote employees may create security risks by contributing to sprawl. Fortunately, some of these risks can be mitigated by implementing a cloud-based secure web gateway without the need to route through a VPN. Cloud access security
24 JULY 2021
Data privacy has once again become the centre-piece with the global spread of COVID-19. As governments around the world used tracking technologies to curb the spread of the virus through contact tracing, questions have been raised about the privacy and security of the data collected, as well as its possible misuse. Covid-19has affected data privacy on multiple counts including increased surveillance, more digital records containing sensitive data, and greater sharing of data without the consumers' consent. Once the data is shared, it is nearly impossible to regain privacy. Weak data protection and sharing practices have further eroded
BETWEEN JUNE 2019 AND JUNE 2020, THERE WAS AN ESTIMATED 108% INCREASE IN RANSOMWARE ATTACKS.
www.VARonline.com
privacy of sensitive data. Apart from surveillance, remote access with inadequate security measures in place have made business networks potentially vulnerable to eavesdropping, access to personal computers and companies’ servers, and data mining by adversaries. Although multiple guidelines on responsible use of data in unforeseen circumstances have been formulated by international humanitarian organizations, the pandemic has threatened privacy of consumer data by reducing their control. Taking cognizance of the impact Covid-19has on data protection and privacy, the WHO has issued a joint statement precluding the use of data beyond the crisis response phase as it can lead to potential infringement of fundamental human rights and freedoms. The WHO warns against turning contact tracing into a standard practice.
For organizations that will continue to be reliant on legacy apps, bringing in MFA is critical” Mohamed Abdallah SonicWall
NEED FOR CYBERSECURITY PROFESSIONALS Heightened security threats and a surge in cyber attacks during the pandemic have left cyber security professionals outnumbered. There was already a shortage of cyber security professionals before the pandemic, and this shortage stuck out like a sore thumb when companies shifted to remote work arrangements. In a hurried response, security and IT tasks were reassigned to ensure remote workers were not only able to work seamlessly from remote locations but also do so safely. This puts an additional strain on the already low pool of cyber security professionals. With remote work becoming the new normal, companies will need to explore ways to facilitate it better than when the pandemic struck. As a result, cyber security professionals will play a key role in supporting critical infrastructures and helping organizations maintain business continuity. In the post-COVID world, there will be acceleration in digital transformation of businesses. There will also be a greater emphasis on proper implementation of security apparatus, data protection, cyber security hygiene, and following cybersecurity standards. Furthermore, businesses are expected to be under greater scrutiny of the regulators. Therefore, there will be a far greater need for skilled cybersecurity
professionals after the pandemic ends.
IMPLEMENT LEARNINGS FROM STRESS TESTS In an increasingly digital and connected new world, where digital touchpoints are aplenty, the risk of cyber threats has increased manifold. Digital natives have been joined by digital debutants and the demarcation between offline and online worlds have blurred. The Covid-19pandemic has forced digital transformation for many businesses, exposing them to cyber threats in the process. Remote workforces and distributed networks have only added to cyber security challenges for organizations. Businesses are operating under high stress levels and trying to secure their extended perimeters from the onslaught of cyber attacks. They are making efforts to reduce their vulnerability by devising cybersecurity strategies that encompass processes, technology, and people. The stress tests during the pandemic have provided organizations with valuable lessons in business continuity and cyber security management that can be brought to bear in strengthening their defense posture in the new normal.
www.VARonline.com
JULY 2021 25
COVER FEATURE
CYBER SECURITY
TECHNOLOGY
NEWS BYTES
RACKSPACE TECHNOLOGY SPEARHEADS DIGITAL TRANSFORMATION FOR BFC GROUP HOLDINGS
George Pawlyszyn GM MEA, Rackspace Technology
R
ackspace Technology has announced that BFC Group Holdings (BFC), a money transfer and currency exchange provider in the Kingdom of Bahrain, is shifting its core application and supporting systems to Amazon Web Services (AWS) while providing ongoing management and
consultancy services. “With the continued evolution of smartphones and computers, our business is evolving from the traditional brick and mortar to a digital model. Since the Covid19pandemic hit, our goal is to cross over more decisively into the digital space by modernising our core application to better support both a digital and physical presence,” said Ebrahim Nonoo, the Managing Director and CEO of BFC Group Holding Company. “We selected Rackspace Technology because they are the best at providing robust technology foundation to companies like ours to achieve our business goals,” Nonoo added. “By leveraging our global expertise and technology, BFC Group has maintained its position as the leading money transfer service in
the region while improving customer experience. Scalability of public cloud means BFC Group can easily expand across boundaries with a consistent level of service no matter the country,” said George Pawlyszyn, General Manager, Middle East and Africa, Rackspace Technology. Before completing the migration, BFC Group saw an immediate uplift in critical performance measures, such as transactions processed per second (TPS) and customer experience. “As we redeveloped our application, our on-premises environment struggled to provide the performance required,” said Ali Fakhreddine, CIO at BFC Group. “We didn’t want to invest in refreshing the infrastructure because we know that is not where the future lies. So, we brought forward our plans to move to the cloud,”he added.
DELL TECHNOLOGIES DRIVES CONVERGENCE OF HIGH PERFORMANCE COMPUTING
D
ell Technologies is introducing new solutions to help customers better manage the convergence of high performance computing (HPC), artificial intelligence (AI) and data analytics. To help organizations tackle data-intensive workloads such as genome sequencing to product development simulations, Dell is also expanding HPC on demand services and Dell EMC PowerEdge server accelerator support. “As AI with HPC and data analytics converge, storage and networking configurations have remained in siloes, making it challenging for IT teams to provide required resources for shifting demands,” said Peter Manca, senior vice president of Integrated Solutions at Dell Technologies. “With Dell’s Omnia open source software, teams can dramatically simplify
26 JULY 2021
the management of advanced computing workloads, helping them speed research and innovation.” Simplifying and accelerating the convergence of workloads with Omnia Omnia was developed at the Dell Technologies HPC & AI Innovation Lab, in collaboration with Intel and with support from the HPC community. The open-source software is designed to automate the provisioning and management of HPC, AI and data analytics workloads to create a single pool of flexible resources to meet growing and diverse demands. The Omnia software stack is an open source set of Ansible playbooks that speed the deployment of converged workloads with Kubernetes and Slurm, along with library frameworks, services and www.VARonline.com
applications. Omnia automatically imprints a software solution onto each server based on the use case — for example, HPC simulations, neural networks for AI, or in‑memory graphics processing for data analytics — to reduce deployment time from weeks to minutes. Community involvement and contribution are important for Omnia’s advancement. Arizona State University Research Computing has worked closely with the Dell Technologies HPC & AI Innovation Lab on Omnia development to better support mixed workloads including simulation, high throughput computing and machine learning. “Engineers from ASU and Dell Technologies worked together on Omnia’s creation,” said Douglas Jennewein, senior director of research computing, Arizona State University.
BANKS AND FINTECH PARTNERSHIPS
A PARADIGM SHIFT IN THE FUTURE OF BANKING INDUSTRY
D
igitisation has changed every sector, and the banking industry is no exception, leading several banks to reduce their physical footprint in an effort to bring more customer-centric digital platforms to the forefront of their retail offering. This digitisation and transformation journey has led several global and local banks, brokers, insurers, and investment managers to opt for online and digital solutions leading to a boost in partnerships with FinTech companies. “In the early 90s, with the UAE economy and population growing, banks saw an opportunity and launched innovative retail products for personal accounts, credit cards, auto and personal loans to fulfil the banking requirements with a focus on salaried individuals. These products were an instant hit and had an overwhelming response amongst the general population, specifically corporate and government employees. With the growing demand for retail banking products, banks were compelled to grow their distribution network and physical footprint, in addition to exploring other avenues to convert this opportunity. This gave birth to the outdoor sales - the UAE banks were the first banks regionally to introduce sales teams concept where a sales officer would visit an employer or a corporate rather than the employees visiting a bank branch,” said Ali Imran, Cofounder and Chief Commercial Officer of GoFinance, who was amongst the first retail banking outdoor sales teams in the country. “It is happening all over again, but this time in the digital space,” added Imran. GoFinance is in a perfect shape to not only serve banks but ultimately serve brokers and customers, who will also have 24/7 access to the platform for regulated and digitised
Ali Imran CoFounder & Chief Commercial Officer, GoFinance
transactions. Emphasising the relationship between brokers and FinTech platforms, Ali Imran added, “When the demand for sales concept increased, banks started to hire outsourced sales staff through 3rd party partners and simultaneously considering and setting up their own outsource companies to convert this opportunity. This proved to be a successful model and banks had a greater reach into the market through this model, with up to 12,000 sales officers working in this space by 2005. Banks also started considering alternate sales channels where complete third-party companies would solicit business at no fixed costs. A whole new industry was born. Today there are over 60 retail banking brokerage companies who specialize in this domain and employ over 3000 salespeople mostly employed on commission basis.” While the business is ample for brokers today, most of the business sourced is still physical. Post Covid-19, the customers prefer instant digital solutions where they can compare, apply, and get their product requirements full-filled www.VARonline.com
instantly, as opposed to a traditional sales officer visiting them in their personal space and time. In time, there will be more digital platforms such as GoFinance, servicing consumer banking requirements. GoFinance will provide customers end-to-end solutions to search, compare, choose, apply, and receive digital fulfilment of financial products. It aims to offer best real time deals and options for financial products such as personal finance, property finance, car finance, credit cards, etc. In addition, car, health and other insurance products will be listed on the platform further down the line. GoFinance has already tied up with several government institutions, corporations, banks, and valuation companies in the UAE to provide the best retail banking and insurance deals to customers. According to Imran, the advantages of FinTech companies and brokers go beyond just increasing revenue. Some key benefits of FinTech and broker collaboration include instant fulfilment 24X7, increased easeof-use through a simple digital seamless customer journey , broaden consumer base, building up brand reputation, offering additional services to customers like bill payments and insurance among other factors reduced costs and ability to scale quickly. Globally, partnerships between FinTech and banks are transforming to be a profitable proposition with an increasing number of financial services companies turning to FinTech to grow their company’s revenue. As such, experts suggest that banks, brokers and FinTech companies should find creative and innovative ways to collaborate, in order to simplify the banking experience for customers and help Middle East FinTech ecosystem reach its full potential. JULY 2021 27
TECHNOLOGY
NEWS IN DETAIL
INTERVIEW
SUSE
SUSE RECOMMENDS A 4-STEP APPROACH TO SECURE IT TRANSFORMATION What challenges in cybersecurity have come to the fore due to the Covid-19pandemic? From the perspective of IT departments, Covid-19 unfolded extremely quickly and many businesses pushed a majority of employees into home office overnight. The adoption of new remote working models has increased cybersecurity concerns. Many remote workers do not have the same levels of protection or deterrent measures they had become accustomed to when working from a more secure corporate environment. Hackers have developed new malware to infiltrate systems, add malicious code to software pipelines, steal sensitive data or launch ransomware attacks. For example, SolarWinds believes up to 18,000 of its customers, including Fortune 500 companies and multiple US government agencies, installed software updates that left them vulnerable to hackers. More recently, Kaseya believes that up to 1,500 of its customers were compromised by a ransomware attack that exploited several vulnerabilities in the company’s VSA software. Such cyberattacks have caused significant reputational, operational, legal, and compliance damage. They demonstrate the need for enterprises to adopt a ‘zero trust’ security posture. How can open source solutions help secure hybrid cloud environments? Data loss, data breaches, cyberattacks, and compliance violations are costly, damaging to brands, and increasingly more difficult for companies to avoid. As a result, organizational security and compliance are critical components of many hybrid cloud initiatives. Open source solutions built on FIPS-certified platforms provide security, compliance, and privacy using certified cryptographic modules to business-critical workloads. The US National Institute of Standards and Technology (NIST) has published certificates for such cryptographic modules used pervasively in secure environments. The Federal Information Security Management Act (FISMA) dictates that US government agencies, US government contractors, and third parties working for federal agencies
28 JULY 2021
must use FIPS 140-2 validated cryptography modules. Governments in other countries and various regulated industries such as healthcare and finance are also adopting this standard to secure their sensitive data. How can organizations improve user management practices? As businesses move faster and use even more applications than ever before, managing users has become vastly more complex. Operators need to take a holistic approach to improve user management in hybrid environments. A hybrid cloud strategy isn't just the responsibility of the IT department, or the operations team, the C-Suite, or any other individual organization. From business units to IT to finance, each organization must play a role in defining, implementing, and measuring user management practices in a cloudoptimized enterprise. User management practices must also be aligned with an organization’s long-term business strategy. For example, as more people work outside their corporate networks, use multiple devices, and use on-premises and SaaS applications – enterprises must work out how to authenticate users almost continuously in multiple use cases and substrates. Finally, when thinking about improving their user management practices, organizations should consider deploying open source solutions that allow them to easily unify multiple platforms, including converged container and virtual infrastructure, cloud, and edge, into a single management environment. What is centralized Kubernetes security? Building, operating, and maintaining a Kubernetes environment is a complex task. It takes policies and robust procedures to protect environments and data without compromising on application delivery. A centralized Kubernetes security strategy refers to compliance policies and security procedures implemented by IT teams that often utilize an open source
www.VARonline.com
INTERVIEW
SUSE Kubernetes management platform. Such a platform helps enterprise operators easily monitor their users and implement security guidelines without impacting the scalability of their environment and the productivity of their users. The key concept for an effective centralized Kubernetes security strategy is ensuring consistent management across all environments. The management of users is much easier with a Kubernetes management platform like SUSE Rancher that supports defining rolebased access control (RBAC), specifying security policies across clusters, and adding authentication layers to clusters, including Microsoft Active Directory and OKTA. These capabilities ensure all users have a unified security baseline across any Kubernetes environment. A Kubernetes management platform should also enable enterprise IT teams to scale these security baselines and policies as businesses grow and infrastructure changes. In addition, updating and performing compliance-based administrative tasks like node configurations, network policy management, and cloud provider security configurations should be easily centralized and managed. Innovation is now key to business success. How are you enabling businesses to evolve their IT strategies based on business requirements and agile innovation needs? The cloud ecosystem continues to be a powerhouse fuelling economies around the world. And as enterprises move more applications into the cloud native realm, they’re intrinsically creating new infrastructure environments from on-premises to hybrid, multi-cloud, and edge environments. This shift has seen technology solutions like containers and Kubernetes flourish as more organizations around the globe see the innovative value that cloud-native solutions provide in a rapidly changing world. The value of customer experience now plays a strategic role in technology decisions for modern enterprises. Delivering exceptional customer experiences and building competitive advantage requires robust development and operational teams equipped with the right technology stacks to help them focus on creating unique experiences and services for customers. Open source has created a vast landscape of tools, solutions, and products for enterprise development teams to leverage. However, for many developers, lack of budget and old legacy platforms have been the barriers to their creativity and a restriction to modernize. When enterprises embrace open source solutions such as Kubernetes and Linux, they provide a new environment for developers to test, trial and create or revolutionize applications and services without needing to tackle the barriers commonly faced with proprietary technologies. Choosing open gives businesses and their technology teams more options to evolve based on their specific needs. It builds agility into teams without compromising
Dr. Gerald Pfeifer CTO SUSE
on delivery. It fosters a culture of innovation that leads to better customer experiences and, ultimately, improved business performance. How can IT operations at the Edge help minimize threats to organizations that are now largely working remotely? IT teams looking to minimize threats at the edge should start with reducing their attack surface and making it harder for outsiders to modify code. One security vulnerability in one device can quickly lead to a larger attack surface of edge devices at scale. All software components on edge devices must have a minimal image footprint, just providing the required functionality, making it harder for attackers to find loopholes. They should also be immutable by design (with a read-only filesystem) to ensure they are highly predictable and can't be changed during runtime. Furthermore, UEFI-based SecureBoot can prevent malware execution. The second layer of security comes from an integrated security framework for edge devices, so proper access controls can be put in place. Again, using open source is a smart choice. For example, SELinux can provide a security architecture for edge device developers and administrators via access control security policies, including United States Department of Defense style mandatory access controls (MAC). For reference, NSA (National Security Agency) was the original primary developer of SELinux and released the first version to
www.VARonline.com
JULY 2021 29
INTERVIEW
SUSE the open source community under the GNU GPL on December 22, 2000. A third aspect is building a secure environment for application workloads. An organization needs an OS that is built from the ground up to support containers and microservices. Then installation of workloads can be done without reboot, atomic updates come naturally (create new workload and kill old workload), and it is easy to roll back when an update or configuration change goes wrong. From a security perspective, workloads need to be isolated from the core filesystem to guard against malicious applications compromising the system. Integration with the security framework is critical. For example open source-based container runtimes can be adjusted to support autogeneration SELinux policies for container workloads. Updates and maintenance are key operational aspects for the life of the edge device. Therefore, ensuring the reliability and security of updates is crucial. The following attributes provide a solid foundation: • Securely downloaded - updates should always be downloaded via secure protocols such as HTTPS. • Signed - packages and repositories are cryptographically signed. Intruders cannot exchange good, new packages against old or insecure packages. • Verified - packages are verified before usage. The update is not committed if conflicts occur. • Transactional updates - each update is atomic and consistent. Transactional updates along with rollback provide a fail-safe environment. The last step is compliance. Make sure the edge devices are compliant with industry standards, such as FIPS 140-2. Compliance with established standard sets a baseline for the security of overall system architecture. As a result, the end-to-end edge infrastructure gets designed to be secure. What would be your advice to organizations for a secure IT transformation? At SUSE, we recommend our customers follow a 4-step approach to secure their IT transformation: 1. First, move on from legacy systems. Devices and systems based on legacy operating systems – whether Windows, home-grown Linux, or some other niche approach – are expensive to maintain and restrict productivity. Security is implemented as a patchwork and lacks a cohesive framework for the entire system. Adopt a standards-based Linux distribution like SUSE Linux Enterprise that can last many years and has an integrated security framework to provide a solid foundation for a complete system design. 2. Containerize – Transform applications to run as containers. Containers provide a consistent way to package application components and their dependencies into
30 JULY 2021
comprehensive objects that can run in any environment. By packaging code and its dependencies into containers, a development team can use standardized units of code as consistent building blocks. The container will behave the same way in any environment and start and terminate quickly, allowing applications to scale to any size. Development teams are using containers to package entire applications and move them to the cloud and edge environments without code changes. Additionally, containers make it easier to build workflows for applications that run between multiple environments, enabling the smooth operation of almost any hybrid environment. Using containerized applications sets the stage for applications to be developed at scale, with consistency in performance and reliability. 3. Use Kubernetes As more containers are deployed throughout organizations and in the cloud, IT and OT teams need a way to keep track of them, develop and deploy at scale. Kubernetes makes it easier to manage software complexity. As enterprise applications become more complex, development and operations (DevOps) teams need a tool to orchestrate that complexity. They need a way to launch all the services dependent on these applications, ensuring applications and services are healthy and can connect. Development and operations teams use Kubernetes to boost productivity, reduce costs and risks, and move organizations closer to achieving their hybrid cloud goals. 4. Adopt cloud-native methods Cloud-native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds and the edge. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, observable, and can be more secure. In the context of containers and open source, the Cloud Native Computing Foundation (CNCF) was founded in 2015 to help advance container technology and align the tech industry around its evolution. Kubernetes and other CNCF projects have quickly gained adoption and secured diverse community support, becoming some of the highest velocity projects in the history of open source. The growth of CNCF is a big testament that can give organizations confidence in adopting cloud-native technologies to build a cohesive stack of secure and scalable technologies. Security is not an afterthought for cloud-native apps. Rather security is baked in from the start. Adopting cloud-native technology stacks puts an organization firmly on the path to a secure IT transformation.
www.VARonline.com
INTERVIEW
F5
ALL SECTORS ARE A TARGET AND NEED TO IMPROVE THEIR CYBERSECURITY Organizations should adopt a Zero Trust approach and ensure any new technologies and services are secured from end-to-end, advises Mohammed AbuKhater, VP of Sales for the Middle East, Turkey and Africa, F5 In your view, how has the Covid-19pandemic affected cyber security? As ever, cybersecurity threats are evolving and becoming more sophisticated, but there were some distinct trends that emerged in 2020 and continued into 2021. First, remote working has led to an increase in cyber criminals targeting devices and applications people use to access work documents and meetings. Covid-19encouraged many organizations to accelerate their digital transformation plans, and with technologies such as edge computing, the attack surface is growing and becoming more complex. In this scenario, it is vital that organizations have full visibility of their applications and understand how to protect them. During the height of the first wave of the global pandemic, Covid-19significantly emboldened cybercriminals’ phishing and fraud efforts, according to research from F5 Labs. For example, phishing incidents rose 220% during the height of the global pandemic compared to the yearly average, according to the fourth edition of the Phishing and Fraud Report. Research from F5 also pointed to other security trends. For example, credential stuffing, which involves the exploitation of large volumes of compromised usernames, and email and password pairs, also saw a sharp rise between 2019 and 2020. The 2020 median spill size of 2 million records represented a 234% increase over 2019 and was the highest since 2016 when the spill size was 2.75 million. Denial-of-Service (DoS) and password login attacks such as brute force and credential stuffing are also on the rise, according to recent research from F5 Labs. The analysis of three years of incidents reported to the F5 Security Incident Response Team (SIRT) also found that Application Programmeming Interface (API) attacks are becoming increasingly widespread. Attackers always choose the most efficient ways to turn a profit. We can expect more password login, DoS and API attacks on the horizon.
32 JULY 2021
What are adaptive applications? F5’s vision is to harness technologies including edge computing, cloud, and AI to create applications that learn to take care of themselves—leaving organizations free to focus on their core business of serving their customers. Adaptive applications are apps that automate redundant processes for greater efficiencies. It means apps that expand, and contract based on performance needs. It also means apps can protect themselves and mine telemetry to become smarter. Since 2018, F5 has invested both organically and inorganically to bring this vision to life, including the acquisitions of NGINX in 2019, Shape Security in 2020, and Volterra in 2021. How vulnerable are the apps used for day-to-day activities and what can be done to minimize the threat? The vulnerability of apps varies according to how well they have been developed. If we look at the main challenges facing organizations today, we can say that cyber threats are increasing in volume, complexity and severity, while the attack surface for most organizations has also grown significantly. The adoption of new technology can lead to vulnerabilities. The growing number of connected devices and the rise of edge computing is a prime example. There is often a lack of awareness, or delayed awareness, around the need to secure new technologies. F5 takes a holistic approach to cybersecurity to ensure that organizations gain the benefits of innovations such as 5G, edge computing and AI, without compromising their security. Often, new innovations can help boost security, as is the case with using AI and machine learning to help recognize security threats. All sectors are a target and need to improve their cybersecurity, but we see a particularly high requirement for protection in sectors that rely heavily on their digital interfaces - for example education, banking and finance, and government. In 2020 at a global level, four sectors—finance/ insurance, education, health care, and professional/
www.VARonline.com
INTERVIEW
F5 technical services—experienced the greatest number of breaches, and a high proportion of these were related to the Blackbaud ransomware event, according to research from F5 Labs. We typically see a close correlation between cybersecurity breach trends globally and in the MENA region, and we will continue to maintain focus on protecting customers in finance, education, and government in the region. How can applications be secured? Given that applications are key to the success of all organizations and are a key pillar of digital transformation strategies, it’s imperative to ensure they are secure and reliable. Cyber security is vital to all innovation and should be a key component of any technology development from the outset, and should also be an integral part of any solution, end-to-end. By making security a key part of their delivery and operations, organizations will be better placed to provide truly innovative solutions to their customers while helping them to stay secure. This is what F5 specializes in. Our services are in four main areas: App security: Organizations rely on applications to offer services that customers expect, but cyber attacks are also on the rise. As organizations offer access to their services on ever more devices in any location, the threat surface increases. F5 protects apps and Application Programmeming Interfaces (APIs) across all IT architectures, clouds, and third-party integrations to reduce risk and speed digital transformation, while increasing application development velocity to improve time to market and reduce friction. Traffic management: Customers and employees expect fast, uninterrupted access to applications, wherever they are. Load balancing, security, performance, and management services all play into meeting those expectations.
F5 takes a holistic approach to cybersecurity to ensure that organizations gain the benefits of innovations such as 5G, edge computing and AI, without compromising their security.
Mohammed AbuKhater VP, Sales, META, F5
Cloud: F5 secures and optimizes the apps you’re migrating to the cloud, those already running in the cloud, and those you’re developing for your future cloud. Automation and orchestration: App deployments at speed and scale. The F5 Automation Toolchain delivers a process-driven approach to automation. Our Automation Toolchain helps organizations to efficiently provision, configure, and manage the services that support their apps. How can businesses protect themselves against the rising scourge of ransomware? For businesses, the advice to avoid falling foul of ransomware is similar to avoiding any other type of cyber attack. It’s vital to work with a strong cybersecurity partner and develop a culture that puts cybersecurity at the heart of everything you do. Organizations should adopt a Zero Trust approach and ensure any new technologies and services are secured from end-to-end. Organizations need to develop a culture of security, ensuring that employees are well educated about new types of attacks, such as social engineering, and how to avoid them.
www.VARonline.com
JULY 2021 33
TECHNOLOGY
NEWS BYTES
DATASTREAM CYBER INSURANCE LAUNCHES GLOBAL PARTNER PROGRAMME
D
atastream Cyber Insurance has announced the launch of its Global Partner Programmeme for MSPs. The Programme aims to reduce the risk and impact of cybersecurity events for small and medium sized businesses across the US and make the process of integrating insurance into a cyber risk Programme simpler and more efficient. The Programme also provides the MSP, MSSP, and VAR community with a dedicated resource in the cyber insurance space so they can complete the protection their clients need. It will enable MSPs to support their customers to assess and apply for cyber insurance quickly. Cyber insurance is a critical component in the package of cyber protection SMBs need, as it ensures business continuity if and when a company gets attacked. Cyber insurance covers the increasingly high costs associated with cybercrime incidents, as well as ensures SMBs have access to experts like forensic data scientists so they can understand what has happened to them. For SMBs, the application process is cumbersome and the business leader or sole-trader themselves have to correctly fill in the forms – or turn to their MSPs for help. Datastream’s Global Partner Programme aims to streamline this process, and by pre-vetting MSPs as the account of record for their customers, allows them to align the systems
they use for each client, with the cyber coverage needed. This will enable their customers to quickly get the right policy, at the best price, in the fastest time. DataStream CEO, Andy Anderson, said: “The future where cybersecurity is not a persistent and frustrating thorn in the side of SMBs is one where cyber insurance is more deeply integrated into the sector, and especially with the MSP technology vendors.” “Insurers are experts at measuring risk - and by working with MSPs through the The Global Partner Programme - Datastream is better able to quantify both risk and solutions, which in turn helps all parties stay safe and stress-free,” he added.
EMICOOL STRENGTHENS DIGITAL TRANSFORMATION WITH REMOTELY CONTROLLED PROCESSES
E
mirates District Cooling (Emicool) has initiated implementation of Emivalve to enable remotely controlled processes as well as to facilitate instant connection and disconnection through an automated centralized software. Emicool has partnered with Poland's AIUT to develop Emivalve. “With Emivalve, our customers can avail district cooling services, facilitating a quick move in and out for tenants, instead of visiting the company’s headquarters or the customer service centers. We have extended the services to our sister Company Aquacool Metering to ensure uniformity in application and services. The digitalization of connection or disconnection will minimize turnaround time of registration and cancellation processes, increase customer satisfaction, enhance experience and, contribute to Emicool’s vision to be recognized as a world class provider of reliable and efficient district cooling services”, said Dr. Adib Moubadder, CEO of Emicool. Commenting on the partnership, Artur Gabryś, Director of the Smart City IoT Division at AIUT,
34 JULY 2021
Dr. Adib El Moubadder Chief Executive Officer, Emicool said, “We are happy to provide smart cities with automated solutions. The automation of processes in municipal utility supply networks is the direction of city development expected by both – enterprises and residents. The utilization of IoT technology helps manage utility in real-time and reduces energy losses for the benefit of the environment. E-settlements and lower service fees are other benefits of implementing smart IoT solutions.”
www.VARonline.com
FORTINET EXTENDS SECURITY FABRIC FOR 5G ECOSYSTEM
T
o address the security challenges thrown open by 5G ecosystem, which include additional edges and expanded digital attack surface, Fortinet has introduced FortiGate 7121F. It consolidates networking and security through a securitydriven networking approach to deliver full visibility, scalability, and advanced security to protect business-critical applications in the distributed and hybrid 5G ecosystem. John Maddison, EVP of Products and CMO at Fortinet, said, “Fortinet has heavily invested in the development of its 5G security portfolio. Delivering the world’s fastest NGFW, we help service providers secure radio
John Maddison EVP, Products & CMO, Fortinet
and Internet interfaces at price performance numbers 10 times today’s benchmarks. Additionally, the new 5G FortiExtender provides more WAN connectivity options and is fully integrated into the FortiGate SD-WAN policy engine.” The latest FortiExtender 511F5G wireless WAN brings sub 6Ghz 5G connectivity to power SD-WAN and SASE solutions. FortiExtender is simple to setup. It can be plugged in to Fortinet’s secure SD-WAN solution to provide flexible WAN connectivity for hybrid WAN and deliver better user experience. FortiExtender also enables thin edges with 5G connectivity to FortiSASE for cloud-delivered security and inspection.
JUNIPER NETWORKS ANNOUNCES JUNIPER SECURITY DIRECTOR CLOUD
J
uniper Networks has introduced Juniper® Security Director Cloud, a cloud-based portal that distributes connectivity and security services to sites, users and applications, as well as manages customers’ SASE transformations. Enterprises, as well as cloud and service providers, are shifting from monolithic centralized data center architectures to SASE, decentralized architectures that bring services closer to end-users around the globe. Juniper Security Director Cloud aims to bridge organizations’ current security deployments with their future SASE rollouts by providing security that can be managed anywhere and everywhere, on-premises and in the cloud, from the cloud. Its benefits include: • Experience-led management to facilitate network transformation. Security Director Cloud features zerotouch provisioning and intuitive configuration wizards for secure connectivity, content security and advanced threat prevention for both on-premises and cloudbased security policy. Its multi-directional sync between cloud-hosted and on-premises management and individual firewalls supports a seamless and secure shift to a SASE architecture. • Unified policies across physical, virtual and cloudbased security. Customers can create security policies —
including user- and application-based access, IPS, antimalware and web security policies — that follow users, devices or applications as they move to new locations, and automatically apply them. This can minimize operational overhead and decrease attack vectors, inadvertently created by human error. • Validated security effectiveness. Juniper provides cyberattack protection that has been validated by objective, third-party testing to be more than 99% effective against network and application exploits, new and commodity malware, IoT botnets and other attack techniques targeted at the edge and in the data center.
www.VARonline.com
JULY 2021 35
TECHNOLOGY
NEWS BYTES
TECHNOLOGY
NEWS IN DETAIL
HYTERA LAUNCHES 4G & 5G SOLUTIONS TO SERVE THE MNO AND VERTICAL INDUSTRY MARKETS
H
ytera has introduced its new 4G/5G portfolio including its industry-leading HyXG O-RAN solution. HyXG forms a key part of Hytera’s total solution aimed at serving the MNO and vertical industry markets. It comprises DU board, O-BBU and a high-end Edge-Node. The online launch event was held on 29 June 2021 to coincide with MWC Barcelona 2021. Hytera believes more than ever that openness and innovation are important to society. Enterprises need a holistic approach to help them tackle the challenges they face and to instigate progress and change. The communications ecosystem needs to collaborate to explore innovative digital network solutions, which will transform enterprises across the globe.
HYTERA HYXG O-RAN SOLUTION 5G technology will empower enterprises by underpinning the Industry 4.0 revolution. 5G, combined with the innovative, open standards approach promoted by the O-RAN Alliance, will enable a more competitive and vibrant RAN supplier ecosystem leading to faster innovation, greater collaboration and reduced risk of vendor lock-in. O-RAN will deliver a more open, intelligent, virtualized and fully interoperable RAN architecture based on open hardware and cloud with intelligent management of radio and platform resources and service quality. By delivering a more efficient RAN, O-RAN will reduce operator CAPEX and OPEX. O-RAN architecture is largely defined for 5G, but Hytera has developed a dual-mode 4G and 5G architecture for its HyXG O-RAN solution. This allows customers to implement 4G or dual-mode 4G/5G networks now, and then easily upgrade to 5G networks in the future. Following O-RAN specifications,
36 JULY 2021
HyXG splits the RAN into three independent parts: the CU (centralized unit), DU (distributed unit), and the RU (radio unit). Hytera has separated the 4G and 5G DU cards, which interconnect with the CU to enable simple 'plug and play' connectivity. The boards are based on SoC chipsets, which support higher throughput, lower latency and reduced energy consumption. They feature an open front-haul interface enabling easy connection to third-party RUs. Hytera is releasing basic and enhanced O-BBU (baseband unit) models, both of which provide converged 4G/5G capabilities. The enhanced model can also be configured as a standalone MEC (mobile edge computing) node. The BBU can be deployed as a combined CU/DU unit to provide legacy BBU functions or separate standalone CU or DU mode. The versatile ‘all-in-one' EdgeNode provides a mobile edge computing (MEC) platform, which can be configured to deliver both base station and edge computing functions simultaneously. It can also be configured as a 4G/5G dual-mode BBU, support centralized network management functions, and provide a multimedia broadband services platform.
HYTERA’S UNIQUE VALUE AS www.VARonline.com
A PMR PROVIDER IN THE 5G ERA Hytera has supplied different vertical markets with PMR (Professional Mobile Radio) solutions for 28 years with a strong focus on growth and innovation. But customer demands are changing, they are looking for converged and intelligent ICT solutions supporting integrated voice, data and video multimedia services. As a result, Hytera is adapting itself to meet its customers’ needs by developing innovative 4G and 5G solutions. But the vertical market is highly fragmented and each sector requires a lot of customization. This is a huge challenge for mobile operators and other new entrants to the vertical market.
FLEXIBLE BUSINESS AND COLLABORATION MODELS Hytera offers customers a range of flexible business options when deploying its 4G/5G solutions, from just using an open protocol software stack or a module in their own products to deploying a full end-toend solution. This flexible and open approach enables a high degree of collaboration and customization to meet customer needs. Mr. Jiang Yelin, CEO of Hytera, said: “Hytera is willing to cooperate with a variety of ecosystem partners to empower the vertical industry evolution to digital, broadband and 5G.”
TECHNOLOGY
NEWS BYTES
HUAWEI HIGHLIGHTS 5G AS A KEY PLAYER FOR BRIGHTER GLOBAL FUTURE DURING MWC
H
uawei Executive Director and President of Carrier BG, Ryan Ding delivered a keynote speech Innovation: Lighting up the Future. In his keynote, Ding said that innovation in ICT is becoming a key driver of the global economy and its value is moving beyond the telecom industry. Ongoing innovation in 5G, in particular, will bring more value to operators, the ICT industry, and the global economy, and will light up the future of every industry. The pandemic, Ding said, has created a new normal in which the digital economy is the driving force for the global economy. ICT infrastructure, as the cornerstone of the digital economy, is playing an increasingly important role. Ding mentioned that the value of ICT now transcends the telecoms industry and has transformative implications for the global economy as a whole. In countries where 5G is developing faster, operators have seen faster revenue growth, and these countries also tend to have better digital infrastructure overall. Taking China as an example, in less than 18 months, more than 820,000 5G base stations have been deployed, and Chinese operators achieved a 6.5% increase in revenue and a 5.6% increase in net profits in the first quarter this year. The rapid development of digital infrastructure driven by 5G will add EUR1.9 trillion to the Chinese economy in the next five years. The same stories are also unfolding in South Korea and Europe. As ICT infrastructure is the cornerstone of the digital economy in the 5G era, operators are playing a more important role than they used to. Ding said, "Currently, the major goal of operators in 5G is to achieve business success in three key markets – consumers, homes, and industries – through innovation in network deployment, market development, and operation optimization."
38 JULY 2021
Today, 5G has been applied in over 1,000 projects in more than 20 industries including steel and mining, enabling safer and more efficient production. "We've learned from Chinese operators' experience that the success of 5GtoB depends on three factors," said Ding. "First, selecting the right industries. Operators should choose target industries by looking at four factors: demand, affordability, replicability, and technical feasibility. Second, defining the scope of your offerings. Operators can serve as network providers that offer connectivity services. They can also serve as cloud service providers, or even system integrators that provide end-to-end integration services. Different roles require different skillsets and yield different business value. Third, designing innovative business models. This is key to replicating 5GtoB success at scale." "5G success first requires a 5G network that provides the best user experience, and this guides how we innovate at Huawei," said Ding. Concluding his keynote, Ding emphasized that 5G development requires ongoing innovation. In 5GtoB, for example, 5G standards need to be coordinated with industry standards at a faster rate, and 5G should be integrated into enterprises' core production processes to help them go digital and intelligent. At the same
www.VARonline.com
time, the synergy between 5G, cloud, and computing will further expand the boundaries of operators' business, creating space for new growth. 5G innovation is an ongoing process. Huawei believes that innovation will light up the future. During MWC Barcelona 2021, Huawei launched a series of 5G products and solutions oriented to '1+N' 5G target networks. Supercharged by industry-leading innovation, these products and solutions will help promote multiantenna technology to all bands and all scenarios to build leading 5G networks. The products included: Industry’s only 400 MHz UltraWideband 64T64R Massive MIMO, Industry's Lightest 64T64R Massive MIMO, BladeAAU Pro: Industry's Only 64T A+P Solution, BladeRRU Pro: Industry's Only RF Unit That Supports Three Low and Three Medium Bands, and Industry's Only Commercial FDD Massive MIMO. Yang Chaobin, President of Huawei Wireless Product Line, said: "By launching this series, we aim to bring multi-antenna technology to all scenarios and bands. Several products within the solutions are one-of-a-kind and will help operators efficiently deploy 5G networks and provide firstrate experience. Huawei will work with global partners to innovate and share 5G benefits with all."