Author: Jay Fearn

Lack of IT security training is leaving businesses open to data breaches, says Claranet research

Both technical teams and general staff need more frequent guidance on recognising and dealing with cybersecurity threats.

New research by global technology services provider Claranet has revealed that six in ten organisations (61 per cent) believe that their general workforces need much more training in cybersecurity awareness. Somewhat alarmingly, 38 per cent of respondents said that their software development teams also need a great deal more training in this area, and 29 per cent said the same is required for IT operations teams. This evidence underlines how much more needs to be done – even within technical teams – to eliminate this skills shortage and bring internal cyber awareness levels up to a point where threats can be effectively countered.

The survey was carried out by Vanson Bourne and surveyed 100 IT decision-makers from a range of UK businesses with more than 1,000 employees. According to the findings, 61 per cent of general staff have not had full IT security training. This figure is lower for software development teams (38 per cent) and IT operations teams (29 per cent), but shows that training coverage is still by no means comprehensive.

For Neil Thomas, Group Security Services Director at Claranet, this shows how businesses need to do more to increase their training capabilities and reduce the potential for human error to lead to costly data breaches.

Thomas said:

Most business leaders are aware of the need for effective cybersecurity measures to counter the constantly evolving threat landscape, but this research shows that efforts to train staff still haven’t been as effective as they could be. This is critical for all technical teams but general awareness across all business functions is also extremely important.”

The findings from the research also suggest that there is a disconnect between the faith that businesses have in their cybersecurity technology and their general awareness of the organisation’s security risk profile it is there to protect. 84 per cent of respondents said that they have confidence in their breach detection systems if company data is compromised. However, over a third (36 per cent) said that their organisation’s IT security risk profile is not well understood.

For Thomas, this suggests that some companies may be relying too heavily on technology to handle the cybersecurity burden:

It’s well-known that human error is a leading cause of data breaches. It’s insufficient to expect protection and detection technologies and services to do all the work while staff training falls short. It’s therefore crucial that all employees are fully aware of security risks. And special attention must be paid to software development and IT operations who need a more detailed understanding specific to their roles. Not only does upskilling technical staff result in an improvement in security posture, it can also lead to closer collaboration across the Development, Operations, and Security teams.”

As one of the leading training providers at the Black Hat cybersecurity conferences, we have the expertise to work closely with our customers to improve in-depth security technical awareness and skills. We use Classroom learning and labs for this but now, through a new partnership that we’re announcing with Global Learning Systems, this support has expanded with a wide range of security awareness online training products and services. By combining these two options, we can now provide more effective training solutions.”

Global Learning Systems CEO, Larry Cates, said of the partnership:

Organisations are recognising that building a true cybersecurity culture requires a continuous and comprehensive learning programme. They need multi-modal, role-specific training for every facet of their business, which is why Claranet and Global Learning Systems have joined forces.”

Thomas concluded:

Getting the right technology infrastructure and testing procedures in place is clearly a fundamental part of protecting businesses from cyber-attacks. But businesses should also remember the human element, and that’s why effective training is a crucial part of the mix.”

Claranet makes a significant leap on The Sunday Times Top Track 250 for the second year running to reach 45th place

Claranet climbs 78 places in 2019 through organic growth, cementing their position among Britain’s fastest-growing privately-owned businesses.

Technology services provider Claranet has achieved the rank of 45th place in The Sunday Times Top Track 250 for 2019, rising 78 places from last year and 133 places since 2017. Published yesterday, Sunday 6th October, the league table ranks the fastest-growing privately-owned businesses in the UK. Claranet’s placement in the league table for the third year in a row comes during a sustained period of growth.

Established in the UK in 1996, Claranet has developed via acquisition and organic growth to become one of the leading providers of integrated Hybrid Cloud, Networks, Managed Cyber Security, and Unified Communications services to over 6,500 customers across multiple countries (UK, US, France, Germany, Italy, Spain, Portugal, Benelux, and Brazil). Claranet supports these customers through a wide range of IT managed services, professional services, and training.

This year Claranet’s international growth strategy has delivered a £49 million revenue increase (up 15% on its previous financial year) to £373m. This follows moves to consolidate the company’s portfolio of services and capabilities following key acquisitions in 2017 and 2018.

Charles Nasser, founder and CEO of Claranet, commented:

Our mainly organic growth this year is due to our wider portfolio of services, international presence, and our credibility to deliver for our customers. This has resulted in Claranet becoming increasingly relevant to new mid-market, large, and enterprise customers and we have invested in staff, technology, and key strategic partnerships throughout the year to deliver this successful growth in revenue and gross profit.”

For example, a new portfolio of services we have focused on is Managed Cyber Security, which is a significant business requirement for all of our customers and an area where we have developed considerable expertise. This follows the acquisition of global ethical hacking training and penetration testing experts, NotSoSecure, last year and the acquisition of Sec-1 in the UK in 2017.”

Further consolidation opportunities continue to be found in many of the countries in which Claranet operates. Two examples are the 2018 acquisitions of Xpeppers (AWS experts in Italy) and Quinfox (Hosting experts in the Netherlands). Throughout 2019 the focus has been on establishing the continuous development of capability across the Group.

Nasser continued:

Despite our growth, we remain committed to developing the close, lasting relationships that our customers need to modernise their businesses, succeed in the long term, and achieve their own market-leading results. Our priority is always to become a trusted partner.”

Majority of UK businesses are failing to address technical debt, says Claranet research

Work needs to be done to better manage technical debt levels and reduce the barriers to change and improvement.

New research by technology services provider Claranet has revealed that technical debt is a significant issue for 84 per cent of organisations – limiting their ability to respond quickly to customer demand with new software feature releases. This figure shows that despite tech debt being a very common issue, business leaders have not yet taken the necessary steps to manage this. The result is a significant drag on business agility and competitiveness.

The research was carried out by Vanson Bourne and surveyed 100 IT decision-makers from UK-based businesses with more than 1,000 employees. Despite widespread recognition of tech debt challenges, more than eight in ten respondents (84 per cent) do not have an active reduction programme in place, and close to a fifth (19 per cent) want to reduce their legacy technology but do not have a clear plan of action on how to do this.

For Michel Robert, Managing Director at Claranet UK, this highlights how more needs to be done to effectively address the issue.

He said:

Limiting technical debt is all about maintaining the quality of your code. Poor quality can lead to systems that are difficult, time-consuming, and expensive to change and potentially less secure. That’s not a position any business wants to find itself in, especially when fast, iterative improvements are often needed to serve customers most effectively.

With many companies now working to a complex Hybrid Cloud strategy and starting to benefit from an Infrastructure as Code approach, the issue of technical debt goes beyond the development team.”

Our research has shown that many businesses are severely restrained by technical debt, and a big reason for this appears to be that many non-technical staff are unaware of the time and effort that needs to go into refactoring applications and resources at a later date. There’s a clear need to raise awareness in this area and to also encourage closer collaboration between technical teams working in Development, Operations, and Security, and to state the business case for non-technical colleagues.”

This lack of awareness is confirmed by the finding that almost half of respondents (48 per cent) said their non-technical colleagues do not understand the financial impact that technical debt can have on the organisation, with 45 per cent reporting they only have a rudimentary understanding of the concept.

Robert added:

There’s clearly a significant disconnect between the technical teams and the wider business when it comes to understanding the importance of maintaining the quality of code and how to manage it. Part of the solution to this problem is to create a quality-focused culture.”

He concluded:

Adopting a philosophy like DevSecOps, and taking an “as-code” approach to security and infrastructure, can help unite teams around a common purpose of maintaining quality systems. Do it right and businesses will be in a better position to quickly adapt to market conditions, stay secure, and build a stronger competitive advantage.”

Lipoedema Surgery

Megan

This post was written by my Wife, Emma.

Our Daughter Megan is now 21 but was only 15 when we first became aware that her legs were shaped very differently to mine and my younger Daughter’s legs. Megan began to hate her legs and would always cover them up with the clothes she was wearing. She was sure that exercising and dieting would sort out her issue, so after losing three stone and seeing no change in her legs she became very disheartened.  Our GP said exercise would sort it, but it didn’t. She was at the gym 3-4 times a week while losing the weight! Megan found that as the lipoedema fat grew, her legs would physically ache and hurt, bruise and the lower part of her calves discoloured purple, due to minimal blood flow. Even massaging them hurt.  At this stage, we did not know what was causing it. A ‘ trying on’ session in a clothes shop upset Megan so much that she started investigating further why her legs were like they were.  Until then, she had just accepted it. Very soon she realised it wasn’t her fault and more and more research was required. 

Lipoedema is a chronic condition whereby fat cells abnormally build up in the hips, buttocks, legs and occasionally arms of women (and, far more rarely, men), resulting in often painful pockets of fat that do not go away with exercise or dietary changes. The condition varies in appearance from woman to woman, but every woman with lipoedema suffers from a frustrating lack of awareness among the public and medical community alike.

Lipoedema has had little research, is rarely taught and is poorly understood; as a result, often misdiagnosed as obesity or lymphoedema (swelling that occurs due to the lymphatic system not working correctly), and only limited treatment options are available.

Lipoedema treatments are not very accessible at all. Women usually must know what it is they want and either find it themselves or put it forward as a suggestion to their GP (and you read earlier what our GP said!)

Megan’s consultation with her surgeon in Berlin

Megan’s legs

An option is liposuction which reduces the size of lipoedema areas and lessens the associated pain, but this has many problems. Liposuction is available on the NHS if the patient has lymphoedema – Megan doesn’t, several women have been successful there, but usually only because they were quite extreme cases.

It’s virtually impossible, however, to get funding for tumescent liposuction on the NHS, and to my knowledge, no one diagnosed with just lipoedema has gone down that route. Meaning a growing number of women are forced to fund it themselves, and many choose to go abroad where there are more choice and more experienced surgeons.
 
The advice given to Megan is that if her lipoedema is untreated, she will be in a wheelchair by the time she is 35.

As a family, we have decided that our only option for Megan to have the quality of life she deserves is to take her abroad to have surgery. She could have the surgery here in the Uk, but it is over DOUBLE the cost. 

During the Summer I went with Megan to see a surgeon in Berlin – Dr Czarnecka. She confirmed that Megan’s lipoedema was quite advanced for her age and that it would only get worse. She advised four operations over the course of a year to eliminate the lipoedema fat from her legs, bum, lower stomach and arms. The medical procedures (Operations) although painful are essential. Schedules for her first three operations are November 2019, February 2020 and June 2020 with the fourth operation in Sept 2020.

The cost of the operations will be £24,000. Jay and I will fund the flights, hotels, subsistence and aftercare (Manual Lymphatic Drainage

If you could support Megan by making a donation and/or sharing it with friends, family, or colleagues we would hugely appreciate it.

I know that money can be tight, so please know that even £5 helps us get closer to our goal.

Let me know if you have any questions and we will be happy to answer them.

Thank you from Megan, Emma, Jay and Bethan xxxxx

What can happen if left untreated

Retailers need to start infrastructure preparations now to strike gold this Golden Quarter, says Claranet

Claranet issues warning to retailers to start making preparations now or risk losing customers.

Black Friday and Cyber Monday have become a fixture in the British retail calendar, and a much-needed boost to sales. As we reach the halfway point of 2019, Claranet has urged retailers to start preparing, stress-testing, and optimising their infrastructure now to ensure that they can withstand sudden surges in traffic in this year’s Golden Quarter.

Consumer spending on Black Friday and Cyber Monday continues to grow year on year; growth that is driven in large part by online spending, with many consumers opting to grab their bargains from the comfort of their own homes. Last year, UK consumers spent £1.49bn on online retail sites during Black Friday, a 7.3 percent increase from the previous year.

However, despite numerous high profile examples of Black Friday-related website outages in recent years, last year a number of retailers found that ecommerce platforms were straining under the pressure even before the main shopping event had begun. For some, this meant employing queuing technologies to cope with demand, which restricted access, hit sales and had a negative impact on customer satisfaction.

John Hayes-Warren, Head of Retail at Claranet, said:

Events like Black Friday and Cyber Monday play a huge role in increasing sales for retailers. They give an opportunity for smaller retailers to attract new customers, while allowing larger retailers to shift stock they have been sitting on. However, this rise in sales activity requires businesses to have the right back end systems to cope with large amounts of consumers accessing their eCommerce platforms. Despite this, we’re still seeing a number of problems being experienced by retailers.”

These are the sorts of issues retailers can ill afford, so now is the time for businesses to start capacity planning to gauge if their channels will cope with rapid surges in traffic, maintain page load times, and avoid web crashes. Black Friday and Cyber Monday are firm dates in the calendar, but flash sales on the back of social media influencer marketing are also a potential stress-point for retail websites.”

For Hayes-Warren, hybrid cloud is a natural solution to these challenges. However, cloud migration can be a complex process and not simply a case of lifting and shifting existing IT infrastructure. With this in mind, he suggests retailers need to move now if they are to make it in time for the 2019 Golden Quarter:

Cloud enables retailers to rapidly add more capacity and scale up as the amount of web traffic increases, which strengthens overall IT resilience and means businesses are adequately prepared for sudden bursts in activity. If this is coupled with a flat pricing structure that stays the same even in periods of peak demand, retailers have a predictable and cost-effective way to guarantee zero downtime.”

The most forward-thinking retailers are those who understand the need to reengineer their digital estates so that they can take advantage of these scalable technologies.”

Hayes-Warren concluded:

We now live in an age where customers expect a faultless online experience. When many wake up in the early hours of the morning on Black Friday, the last thing they want to experience is an error message pop up on their screen or the frustration of a painfully slow website. Preparation is key to getting the best out of the Golden Quarter: retailers who take the time to enhance their infrastructure and carry out all the necessary testing well before this period will be the ones that emerge as the big winners.”

Claranet achieves AWS Digital Customer Experience Competency status

Global technology services provider Claranet has announced that it has achieved Amazon Web Services (AWS) Digital Customer Experience Competency status.

This designation recognises that Claranet provides proven technology and expertise to help Digital Customer Experience customers by providing end-to-end solutions for all phases of the digital customer acquisition and retention lifecycle. These include content management and marketing automation to engage prospects and customers with the right experience, effective and secure commerce solutions to create a seamless buying experience, and data analytics solutions to support decisions and retain customers.

Achieving the AWS Digital Customer Experience Competency confirms Claranet’s position as an AWS Partner Network (APN) member, providing specialised technical proficiency and proven customer success with a specific focus on workloads based on content management, marketing automation, digital commerce and/or consulting practice. To receive the designation, APN Partners must possess deep AWS expertise and be able to deliver solutions seamlessly on AWS.

Charles Nasser, founder and CEO of Claranet, said:

We’re proud to have achieved AWS Digital Customer Experience Competency status. We’re committed to helping our customers achieve their technology goals by making the most of the agility, breadth of services and pace of innovation that AWS provides, and this recognition is indicative of our dedication in this respect.”

AWS enables scalable, flexible and cost-effective IT solutions for companies of all sizes, ranging from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify Consulting and Technology APN Partners with deep industry experience and expertise.

In recent months, Claranet worked with fast-fashion brand Oh Polly to assist its migration to AWS, as part of the company’s bid to overhaul its IT estate and address the issues it was encountering with its previous hosting solution.

Commenting on the project, Mike Branney, Managing Director at Oh Polly, said:

After some deliberation, we recognised that a cloud solution hosted in AWS would help address the load, flexibility and adaptability issues we were experiencing. We knew that Claranet has a positive track record with similar fast-fashion brands, making them a clear choice in helping us migrate to AWS. We were immediately impressed with Claranet’s understanding of the platform, as well as the wide range of expertise and skills they were able to show from day one.”

Raspberry Pi 4

I am now the proud owner of a single Raspberry Pi 4, with another 3 on the way. Obtained from ThePiHut. From initial viewing it is a fabtastic piece of kit, sporting the following specifications:

Key features include:

  • Quad core CPU @ 1.5GHz
  • Dual display supporting up to 4K resolution
  • WiFi
  • USB 3.0
  • Bluetooth 5.0
  • Available in three RAM sizes; 1GB, 2GB or 4GB!

Specifications

  • Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC @ 1.5GHz
  • 1GB, 2GB or 4GB LPDDR4-2400 SDRAM (depending on model)
  • 2.4 GHz and 5.0 GHz IEEE 802.11ac wireless, Bluetooth 5.0, BLE
  • Gigabit Ethernet
  • 2 USB 3.0 ports; 2 USB 2.0 ports.
  • Raspberry Pi standard 40 pin GPIO header (fully backwards compatible with previous boards)
  • 2 × micro-HDMI ports (up to 4kp60 supported)
  • 2-lane MIPI DSI display port
  • 2-lane MIPI CSI camera port
  • 4-pole stereo audio and composite video port
  • H.265 (4kp60 decode), H264 (1080p60 decode, 1080p30 encode)
  • OpenGL ES 3.0 graphics
  • Micro-SD card slot for loading operating system and data storage
  • 5V DC via USB-C connector (minimum 3A*)
  • 5V DC via GPIO header (minimum 3A*)
  • Power over Ethernet (PoE) enabled (requires separate PoE HAT)
  • Operating temperature: 0 – 50 degrees C ambient

* A good quality 2.5A power supply can be used if downstream USB peripherals consume less than 500mA in total.

My plan is to build a 4 Node Docker Cluster.

Claranet named in Gartner’s Magic Quadrant for Data Center Outsourcing and Hybrid Infrastructure Managed Services, Europe for second year

Claranet has been positioned in Gartner’s Magic Quadrant for “Data Center Outsourcing and Hybrid Infrastructure Managed Services, Europe” (DCO/HIMS), for the second successive year.

In this Magic Quadrant, Gartner analyses the ability to execute and completeness of vision of 20 DCO/HIMS providers and their cloud service offerings, worth more than $23 billion in annual revenue in Europe. We believe this reflects the steps that Claranet is taking to provide the right combination of services to help businesses transform their operations, stay secure, and quickly adapt to changing customer needs.

Commenting on the company’s placement in the Magic Quadrant, Charles Nasser, CEO of Claranet, said:

We are very pleased to be recognised in this 2019 Gartner Magic Quadrant for the second year in a row and believe this underlines the progress we have made in growing our business. We have invested heavily in hiring the best expertise and use automation to transform our customers’ operations.”

Over the last year we have also continued to broaden our skills in cybersecurity, encapsulated by our acquisition of global penetration testing and ethical hacking training experts NotSoSecure in July 2018. Since then, we have consolidated our security expertise by forming the Claranet Cyber Security unit. This has been coupled with sustained activity to further build our existing partnerships and closely integrate our hybrid cloud, cybersecurity, and network services.”

We are committed to our status as one of only five companies in the world that has the highest audited MSP certifications from AWS, Google, and Microsoft. This highlights the depth and breadth of our expertise that is instrumental in driving the growth of our hybrid cloud practice and delivering superior results for our customers,” he continued.”

The Gartner Magic Quadrant assessment offers in-depth reviews of markets and vendor offerings, enabling users to map vendor strengths and weaknesses against their current and future needs. Gartner evaluates technology providers on both completeness of vision and the ability to execute using a series of weighted criteria.

Nasser concluded:

“Our mission is to help organisations make the most of current and emerging technologies and practices, by providing unmatched expert local service. Our aim is to offer a different way of data centre outsourcing that supports our customers as their requirements evolve. It’s also about the calibre of our people that ensures our customers experience efficient, trouble-free migrations and the right ongoing management of their applications.”

For more information about the Magic Quadrant:

button_click-here.png

Half of businesses lack skills needed to effectively manage cloud security, says Claranet research

Migration to hyperscale providers is commonplace, but disconnect between cloud adoption and awareness of cloud security remains.

A new survey by global technology services provider Claranet has found that half of UK businesses do not have full in-house capability to manage security in the cloud. This is despite the fact that cloud adoption is now commonplace in the majority of organisations, and is showing no signs of abating. The findings illustrate how many companies have still not found an effective way to marry the full benefits of cloud with a comprehensive cybersecurity strategy.

The research was carried out by Vanson Bourne and surveyed 100 IT decision-makers from UK-based organisations with more than 1,000 employees. 50 per cent of those polled said that they do not have the skills in-house to manage cloud security, with 52 per cent saying that they have incomplete awareness of how their organisation’s security posture in the cloud affects their overall IT security. This is despite the fact that 79 per cent of businesses have either already migrated application workloads to hyperscale cloud providers, or are currently in the process of doing so.

Commenting on the findings, Sumit (Sid) Siddarth, Director at Claranet Cyber Security said:

Businesses that have not engaged with cloud in some way are now few and far between, with hyperscalers having established a dominant position in the cloud market. Organisations are making significant progress with planning and carrying out these migrations, but our research has shown that there’s a very real danger of security being left behind as part of this process.”

The self-provisioning aspects of public cloud are beneficial in many ways, but they can also lure businesses into a false sense of security. The big hyperscalers have a lot of sensible defaults to help guard against threats, but if internal IT teams without the requisite skills create these environments themselves, mistakes can still occur. We have already seen a number of security breaches due to insecure permissions set on cloud storage, be it S3 buckets or Azure blobs. Other examples include attackers compromising cloud infrastructure to spin up bitcoin mining rigs.”

To help plug this gap in in-house skills, Siddarth believes that businesses need to re-evaluate their approaches to both cloud and security, and make sure that they consider both as being part of the same IT ecosystem, rather than being separate challenges that are tackled independently of one another. This should include efforts to upskill in-house staff, and also the formation of collaborative partnerships with external experts who are well-versed in the specifics of secure cloud migration.

He added:

Migrating to cloud is often a complex process, so it’s important to invest a lot of manpower in it. However, there should be no excuse for neglecting security considerations, especially given the current threat landscape and the fact that hackers are seeing cloud as an increasingly lucrative target. Working with partners can be hugely advantageous here, as they can bring the added expertise needed to work through the more complex aspects of secure cloud migration, such as developing infrastructure as code to guard against mistakes being made.”

Also key to addressing this skills gap in the long term is engaging with third parties to implement holistic training programmes focusing on the unique challenges and intricacies of cloud security. By investing in this area, businesses can ensure that they build applications that are fully cloud-ready from the outset, and foster a philosophy which incorporates security into any cloud migration activity.”

Siddarth concluded:

Cloud’s continued rise is inexorable, so it’s important that organisations act now to shore things up from a security perspective. With the right focus on raising skill levels and sealing gaps in knowledge, this is very much a realistic aim.”

Claranet Builds on Google Cloud MSP Initiative

Claranet, today announced that it has deepened their standing in the Google Cloud MSP Initiative as a premier partner, giving Google Cloud customers the ability to drive more value from their Google Cloud investment.

As a Google Cloud Managed Services Provider, Claranet offers customers mature technical support operations with robust lifecycle services helping them to learn, grow and scale.

Key features include:

  • 24/7 Support
  • FinOps – Optimisation of customers’ cost profiles
  • CloudOps – Transformation across customers’ internal teams, technology and resources

Tanaz Gould, Consultancy Director at Claranet, commented:

Google Cloud is a strategically-important partner for us and our rapidly-growing cloud practice, and, as such, we are delighted to be part of Google Cloud’s updated MSP program. Our increasingly-close links with the team at Google Cloud, and their ongoing support and training, have been integral to our success with Google Cloud Platform and ensuring that we can continue to help our customers do amazing things. We have secured a spate of new business wins in 2018, seeing our Google Cloud-linked pipeline increase by 250%, and we see no reason why we can’t achieve the same rate of growth again in 2019.”

For more information about Claranet’s Google Cloud Platform consulting and managed services, visit: https://www.claranet.co.uk/hosting/google-cloud-platform-consulting-and-managed-services.