Mushrif Mall Mega Sale a success

Flash sale offered discounts up to 75% in selected stores

Mushrif Mall saw enthusiastic shoppers exploring attractive deals and discounts across selected brands during the ‘Mushrif Mall Mega Sale’ for 24 hours while enjoying live entertainment recently.

According to Aravind Ravi Palode, Mall Manager of Mushrif Mall, the24-hour mega sale was a memorable shopping experience and patrons enjoyed live entertainment, F&B offers and activities for all age groups through the night while shopping from over 200 luxury fashion retailers in the mall.

Visitors also had an opportunity to win exciting prizes during the sale. Mushrif Mall, located on Airport Road, Abu Dhabi hosts renowned brands and a wide range of dining outlets, hypermarket and service outlets spread over three levels of mall.

 

Ramadan and Eid events take centre stage in Abu Dhabi & Al Ain Malls

Malls under the Line Investments & Property LLC to host a diverse range of activities to make the holy month special this year

Ramadan is a special time for residents and as part of the celebrations, malls under the portfolio of Line Investments & Property are welcoming visitors with Ramadan decorations as well as a variety of entertainment options during the holy month and for Eid ul Fitr celebrations.

Wajeb Al Khoury, Director of Line Investments and Property LLC said, “Our malls are marking Ramadan with a diverse range of activities to make this month a memorable one for families. Numerous festive treats, sales, discounts and activities await mall visitors during the Eid holidays catering to the local communities.”

With over 350 brands to choose from, shoppers at Al Wahda Mall can delight in shopping while capturing Ramadan deco in different parts of the mall. The mall will celebrate Eid across three days with fun traditional and modern roaming entertainers.

Mushrif Mall in Abu Dhabi is also decked up in Ramadan colours and deco and currently has a popular dates festival in the mall’s market area. The mall will be hosting Eid activities that include traditional and modern Arabic stage shows over the 3 days.

 Khalidiyah Mall during Ramadan days have created a host of traditional, cultural and interactive activities organized for customers. The entire exterior and interior of the mall is decked up themed around Ramadan with families enjoying the kids’ corner. During the Eid holidays, guests can also visit the mall to see the different performances and roaming activities.

On the outskirts of Abu Dhabi, Al Raha Mall will also have surprises during this season for mall visitors. The mall has organized an exciting kids area for art and crafts, activities like card making for Eid, coloring, face painting, balloon bending, magic shows to entertain the kids as well as dance performance for the mall visitors during shopping as entertainment which includes the Dabka, Shandelier, Shamadan and butterfly dance etc.

Madinat Zayed will be the perfect venue for visitors during the Eid festival for those looking for a traditional souk experience. For traditional Eid gifts, guests can head to the Gold souk area for a wide variety of jewellery in traditional and contemporary designs as well as local wares from home grown brands.

Mazyad Mall over Eid will be having a variety of Russian, Brazilian, Mexican, masquerade, carnival and fusion dance shows as well as family games and competitions. Families can take part in competitions and win vouchers. They can also enjoy games such as darts, bowling, golf and shootout as well as a face painting and henna corner.

In Al Ain, Al Foah Mall will be hosting kids activities throughout the month of Ramadan and during Eid, the mall will have games, magic shows, Tanura dance, mascots, hip-hop dancers and jugglers.

Bargain hunters will be delighted to know that the Barari Outlet Mall in Al Ain will be having 24-hour sales over the Eid period starting 5th of June and ending on the 6th of June. The Barari Outlet Mall has a lineup of exciting activities for the three days of Eid that includes kids workshops (sand art, coloring & free kids drawing), clown Show, clown balloon bender, mascots of different characters, magic show, a butterfly show, Tanura show and a Latino dance show.

With a host of new events and activities planned throughout the year in the different malls, Line Investments & Property LLC reiterates its commitment to invest in both community outreach activities as well as to enhance the retail experience for mall patrons.

AESG Helps Achieve Regions First WELL™ Gold Certification for Xworks New Offices

Xworks Interiors LLC is now the only organization in the region to have successfully achieved Gold level certification in both the LEED and WELL standards

In a demonstration of its commitment to the human-centric design approach,Xworks Interiors LLC, a Dubai-based interior company specialised in commercial interiors, commercial fit outs and office furniture, has become the first company in the Middle East to achieve the WELL™ Gold accreditation for their new offices. The certification – made possible by the expertise and support of AESG, a world leading Specialist Consulting, Engineering and Advisory firm- recognizes the design elements, policies and investments that Xworks Interiors LLC has made to ensure its Dubai-based headquarters improves the health and well-being of employees.

WELL is a performance-based system for measuring and certifying features of the built environment that impact human comfort and wellness, through air, water, nourishment, light, fitness, comfort and mind. WELL is administered by the International WELL Building Institute®(IWBI®), a public benefit corporation whose mission is to improve human health and well-being through the built environment.

“Xworks Interiors LLC’s competitive differentiator as an interior contracting company has always been our unmatched value and expertise. Being the only organization in the region to achieve Gold level certification in both the LEED and WELL standards, is validation of our commitment to advancing interior design through the incorporation of international standards and best practices,” explained Soren Kraen, Executive Director and owner at Xworks Interiors LLC.

Unlike many other green building certification schemes, WELL is a performance-based rating, assessing the actual performance of the space post-occupancy prior to certification. This reduces the performance gap between design, construction and operation and ensures correct application and implementation of health and well-being features. While a performance-based rating provides a more robust assessment, it also poses additional challenges. AESG effectively addressed these challenges through comprehensive monitoring and testing during the construction and handover stages, identifying any risks to non-compliance and providing mitigation and remediation measures to assure the attainment of the desired certification level.

AESG worked to incorporate several innovative design features in the Xworks office, many of which are first in the region. Extensive daylight modelling of the office has ensured that all workstations are optimized to take in natural light. The office is furnished with economical, environmentally friendly Danish furniture, such as sit-stand desks, which contributes to high levels of indoor air quality and appealing aesthetics. AESG also executed comprehensive air and water quality testing to ensure the office’s compliance with the IWBI’s strict thresholds.

In addition to design and construction features, WELL considers operational policies and procedures as part of the certification scheme. This unique approach requires “out-of-the-box” thinking to apply the requirements of WELL features within the context of the project. Through a practical and proactive approach, AESG provided clear advice and guidance on the development of operational policies that would enhance the well-being of employees, while remaining within the constraints of the clients’ operations. These policies included the provision of sit-stand desks; having the freedom of selecting their own chairs; offering employees a 50% subsidy on Fitbit activity trackers and organizing intra-office competitions to encourage employees to stay fit while also fostering a healthy level of camaraderie and competition in the office.

Other examples of innovative measures that AESG introduced into the project include the provision of longer maternity and paternity leave for Xworks Interiors LLC’s employees, childcare subsidy vouchers, dedicated time off for volunteering and regular employee well-being surveys.

Building on its established track record as the region’s leading specialist consultancy, AESG are pleased to now be leading the field within the Health and Well-being sector. “We are proud to be the first consultancy to achieve WELL Gold certification in the Middle East,” said Saeed Al Abbar, Director at AESG who is confident that the number of WELL accredited facilities in the region is set to grow at an exponential rate.

“This approach is especially beneficial in the Middle East, where people spend the majority of their time indoors. The biggest asset to any organisation is its employees and therefore providing a working environment that is conducive to improved physical and mental health, cognitive function, productive as well as morale is a win-win for companies, employees and the wider community.” he added.

The Closing Speed of Transformation

Author: Dave Russell, Vice President, Enterprise Strategy at Veeam

 

We all know that software and infrastructure don’t typically go away in the data center. You very rarely decommission something and bring in all new gear or stop the application to completely transition over to something else. Everyone’s in some sort of hybrid state. Some think that they’re transitioning, and many hopefully even have a plan for this.

Some of these changes are bigger, take longer, and you almost need to try them and experience them to have success in order to proceed. I’ve heard people say, “Well, we’re going to get around to doing X, Y, and Z.” But they are often lacking a sense of urgency to experiment early.

A major contributor to this type of procrastination is that changes that appear to be far off, arrive suddenly. The closing speed of transformation is the issue. Seldom do you have the luxury of time; but early on you are seldom compelled to decide. You don’t sense the urgency.

It is not in your best interest to say, “We’re just going to try to manage what we’ve got, because we’re really busy. We’ll get to that when we can.” Because then, boom, you’re unprepared for when you really need to actually get going on something.

A perfect example is the impact of the cloud on every business and every IT department. The big challenge is that organizations know they should be doing something today but are still struggling with exactly what to do. In terms of a full cloud strategy, it’s oftentimes very disaggregated. And while we’re going on roughly a decade in the cloud-era, as an industry overall, we’re still really in the infancy of having a complete cloud strategy.

In December of last year, when I asked people, “What’s your cloud strategy? Do you have one? Are you formulating one?” The answer was unfortunately the same response that they’ve been giving for the last eight years… “Next year.” The problem is that this is next year, and they are still in the same state.

When it comes to identifying a cloud strategy, a big challenge for IT departments and CIOs is that it used to be easy to peer into the future because the past was fairly predictable — whether it was the technology in data centers, the transformation that was happening, the upgrade cycle, or the movement from one platform to another. The way you had fundamentally been doing something in the past wasn’t changing with the future. Nor did it require radically different thinking. And it likely did not require a series of conversations across all of IT, and the business as well.

But when it comes to the cloud, we’re dealing with a fundamental transformation in the ways that businesses operate when it comes to IT: compute, storage, backup, all of these are impacted.

Which means organizations working on a cloud strategy have little, to no historical game plan to refer to. Nothing they can fall back on for a reference. The approach of, “Well this is what we did in the past, so let’s apply that to the future,” no longer applies. Knowing what you have, knowing what your resources are, and knowing what to expect are not typically well understood with regards to a complete cloud transformation. In part, this is because the business is often transforming, or seeking to become more digital, at the same time.

With the cloud, you often have limited, or isolated experiences. You have people who are trying to make business decisions that have never been faced with these issues, in this way, before.

Moving to absolute virtualization and a hybrid, multi-cloud deployment means that when it comes time to set a strategy you have a series of questions that need to be answered:

  • Do you understand what infrastructure resources are going to be required? No.
  • Do you understand what skills are going to be needed from your people? No.
  • Do you know how much budget to allocate with clarity, today, and over time? No.
  • Do you know what technologies are going to impact your business immediately, and in the near-term future? No.

Okay, go ahead and make a strategy now based on the information you just gave me, four No answers in a row. That’s pretty scary.

On top of this, data center people tend to be very risk averse by design. There’s a paralysis that creeps in. “Well, we’re not sure how we should get started.” And people just stay in pause mode. That’s part of why we see Shadow IT or Rogue IT. Someone says, “Well, I’m going to go out and I’m just going to get my own SaaS-based license for some capability that I’m looking for, because the IT department says they’re investigating it.”

Typically, what happens is the IT department is trying to figure that out, trying to get a strategy, investigate the request. But in the meantime, they say, “No.” Now the IT becomes the department of “no” and is not being perceived as being helpful.

To address this issue head on, you need to apply an engineering mindset. Meaning, that you learn more about a problem by trying to solve it. In absence of having a great reference base, with something that can easily be compared to, we should at least get going on what is visible to us, and that looks to be achievable in the short term.

An excellent example in the software as a service (SaaS) world is Microsoft Office 365. Getting the on-premises IT people participating in this can still be a challenge. As the SaaS solutions start to become more and more implemented, they’re sometimes happening outside of the purview of what goes on in the data center. This can lead to security, pricing and performance and Availability issues.

Percolate that up, what’s the effect of that? What does that actually mean? It means that the worst-case scenario is you’ve got an outcome of where the infrastructure operations people are increasingly viewed as less and less strategic going forward, because if you take this out to the extreme, you’ll end up being custodians of legacy implementations and older solutions. All while numerous other projects are being championed, piloted, put in to production and ultimately owned, by somebody else; perhaps a line of business that is outside of IT.

That’s where you see CIOs self-report that they think more than 29% of their IT spending is happening outside of their purview. If you think about that, that’s concerning. You’re the Chief Information Officer (CIO). You should know pretty close to 100% of what’s going on as it relates to IT. If your belief is that approaching a third of IT spending happens elsewhere, outside of your control, and that this outside spending is not really an issue, then what are you centralizing? What are you the Chief of, if this trend continues?”

The previous way of developing a strategic IT plan worked well in the past when you had an abundance of time. But that is no longer the case. Transformation is happening all around us and inside of each organization. You can’t continue to defer decisions. IT is now a critical part of the business; every organization has become digital and the cloud is touching everything. It is time to step up, work with vendors you trust, and move boldly to the cloud.

 

How Can the Channel Address Challenges Faced by Customers?

By K.S. Parag Managing Director, FVC

 

Enterprise technology is a booming industry and companies are creating software and hardware that better meets the needs of their customers and solves the problems they face. But the industry isn’t without its problems.

Enterprise technology as an industry faces many issues that are threatening the success of new software and new businesses. From cloud to customer demands, some of the biggest challenges in enterprise technology right now includes outdated UI/UX, mixing cloud and on-premise services, standing out of the crowd, following consumer technologies, catering to one customer, balancing feedback and focus, and lots more.

In such a scenario, companies often turn to their solution providers and partners for solutions to their key problems. Thus, your team as a channel partner has to come up with answers that are flexible and as per the requirement of the situation. You also have to give your team some leeway where, in the interest of your company’s reputation, they would be able to serve your customers better.

Customer service in today’s world is an essential part of a company. With the increasing competition in all industries, the challenge is to deliver high-quality solutions accompanied by great customer service. However, this task is not a piece of cake.

Here are some suggestions on how you, as a channel partner can efficiently address challenges faced by your customers:

Understand Your Customer’s Expectations

The first and possibly the biggest challenge is to understand the diverse and constantly changing customer expectations. Since customers can be diverse by gender, race, age, generation, and so on, it is very critical to speak to your customers to understand their specific problems. Always approach them with a “no one size fits all” strategy. It is important for a business to get to know its clients, customers, and consumers. Find out their needs, expectations, preferences, opinions, and suggestions for improvement.

Reach Out to Your Customers

Researching and gathering data about your customers is paramount to solving their problems. There are plenty of ways to advertise and get through the customers. Use a mix of print media, radio, television, phones, email, social media and of course, face-to-face campaigns to reach out to your customers. Indulge in surveys, competitions and so on to gather information about your customers’ pain points, so you are better prepared to address those problems. Implementation of a customer feedback service and gathering data from customers will help you understand and work towards better customer experience.

Consistency

Consistency is probably the most difficult challenge to achieve. Great customer service must be delivered to all customers, across all business channels, 24/7. Each and every experience of each and every customer must be equally good. What affects customer satisfaction are cumulative experiences across multiple touch points and in multiple channels over time. Hence, consistency can be achieved by having clear-cut policies on delivering great customer service.

Exceed Customer Expectations

As a channel partner, it is not just enough to meet your customer’s expectations. The fact that these expectations are constantly changing, you must then be always a step ahead. You need to understand that the expectations of customers are set by your competitors. Stay ahead of the competition by being updated with new initiatives and suggestions based on customer feedbacks and current industry trends.

Employ Skilled Professionals

Having a skilled workforce is the best thing a channel partner could ever have. However, you also need to understand that though hiring skilled employees is one thing, retaining them is another. Companies must have structured programs to teach and train new hires about company policies, values, culture and practices in dealing with customers. Additionally, considering that customer service is one of the most stressful jobs, companies must also provide benefits that offer work-life balance and support lifestyle activities that can reduce stress and boost productivity.

Saudi Arabia’s Hoshan Holding Partners with Seidor to Become the Kingdom’s First Adopter of SAP S4 HANA Public Cloud

Hoshan Holding fuels digital transformation by migrating from SAP ECC to SAP S4 HANA Public Cloud. The company will benefit from AI-powered decision-making capabilities, optimized business processes and reduced cost of ownership

Seidor, a global system integrator that provides SAP Consulting services, has announced that Hoshan Holding, widely recognized as one of the largest holding companies in the Middle East, has become the first Saudi company to implement SAP S4 HANA for Public Cloud. The group will also integrate SAP SuccessFactors and SAP Cloud for Real Estate, to digitally transform the company’s capabilities and offerings in Saudi and the United Arab Emirates (UAE).

The latest ERP solution from SAP, SAP S4 HANA is a next-generation business suite with built-in artificial intelligence (AI), that will empower Hoshan Holding employees to capture every opportunity, while optimizing business functions across the entire enterprise. SuccessFactors will allow coverage of the entire talent-acquisition lifecycle from onboarding to offboarding, and SAP Cloud for Real Estate will turbo-charge the company’s asset management and insights.

Among the many benefits Hoshan Holding will reap from Seidor’s integration of next-gen SAP solutions into its technology stack is the “significant lowering of cost of ownership”, which was cited by Khalid AlBabtain, Board Member, Hoshan Holding, as a major impetus in selecting a cloud solution.

“For many years, we ran our core ERP on SAP ECC,” he said. “While the solution met all our business needs, we felt there was a need to move to a more simplified, standardized and agile environment with an enhanced UX and, at the same time, migrate to the cloud, which reduces our cost of ownership. SAP S4 HANA Public Cloud solution also requires less implementation time, delivers global standard processes, provides a more coherent roadmap for future solutions, demands less maintenance, and reduces other costs, such as hardware expenditure.”

Seidor has 35 years of experience in implementing SAP solutions around the world. Given SAP’s decision to stop support of SAP ECC, beginning in 2025, Seidor MENA, based in Dubai, UAE, is taking a leading role in the region’s digital transformation, helping organizations across the Middle East and North Africa (MENA) region leverage SAP S4 HANA to reinvent their business processes and optimize delivery of products and services.

“With SAP ECC soon reaching end of life, all roads lead to SAP S4 HANA. Organizations have several migration options available but unfortunately most businesses in the region are either not aware of all the options or are unsure of which strategy would be best suited for their business,” said Ignacio Ruiz de Equilaz, Managing Director, Seidor MENA. “In this respect Hoshan Holding serves as an excellent example of an organization that has worked closely with Seidor and taken the step of migrating their core business systems to the SAP cloud, realizing unprecedented leaps in their agility and the speed at which they can innovate—vital capabilities in the new global digital economy.

“Seidor’s values are built around world-class quality and delivery of all the very latest offerings from SAP, along with best-in-market consultancy, provided by our experts in solutioning. Taken together with our global reach and regional presence, MENA customers such as Hoshan Holding can be assured of a true digital-transformation partner that is ready to guide them, on their migration journey, to new standards of security, optimization and empowerment, “continued Ruiz de Equilaz.

Hoshan Group’s SAP implementation roadmap covers its KSA headquarters, as well as branches in the UAE, Oman, Kuwait, Qatar, Bahrain, Kenya and Morocco. Phase 1 of implementation was conducted in KSA and UAE simultaneously, involving five separate company codes and 28 plants. SAP S4 HANA Public Cloud modules deployed were Finance, Sales Order to Cash, Procure to Pay, and Inventory. SAP Cloud for Real Estate and SuccessFactors modules included Payroll and Employee Central. A further six locations―Oman, Kuwait, Qatar, Bahrain, Kenya and Morocco—will follow in subsequent deployment phases.

“Hoshan Holding, in its search for a solution that delivered best-in-class industry processes and decision-making capabilities, found in SAP S4 HANA Public Cloud a robust, consistent, easy-to-use tool that optimizes daily operations and frees up employees to focus on the more intellectual parts of their jobs,” Ruiz de Equilaz added. “This is digital transformation in action.”

Hoshan Holding plans to continue its partnership with Seidor as it grows into new markets. The company also intends an expansion of its SuccessFactors implementation to include other talent-management modules.

Capillary Technologies Strengthens Data Security Commitment to Customers

Achieves Coveted PCI DSS Security Certification

As a leading cloud-based CRM, Loyalty and Ecommerce platform provider, Capillary Technologies has put their customer’s security requirements at the forefront. Capillary has achieved the world’s highest security standards with the Payment Card Industry Data Security Standard (PCI DSS) certification, to ensure that their customers data is highly secure at all times, no matter where they shop. The PCI DSS certification mandates organizations to have a secure network with more than 300 data protection procedures and standards incudling firewalls, antivirus, SIEM, and Data Loss Prevention, in addition to ongoing scans and vunerability assessments every quarter.

“Being a CRM, Loyalty and an Ecommerce platform provider means that Capillary is involved in financial transactions in one form or another, while holding sensitive customer information and business data,” said Shailendra Singh, CISO at Capillary Technologies. “To put this into perspective, we process around US$15 billion worth of happy retail purchases every year for more than 400 brands across 30 countries. The onus is on us to keep this sensitive data secure and give our customers peace of mind. The way forward was to ensure that we meet world class data security standards and the PCI DSS Certification is one way to ensure that our customers are always consumer ready and that their data is safe at all times.”

In the post GDPR era, data security has become a key concern for consumers and organizations alike. With the advent of the digital ‘shopping universe’ consumers now have access to a number of touch points to interact with their favourite brands and retailers. This trend has led to a rapid increase in consumer data being generated in the form of financial and personal data and buying preferences. Additional data generated instore by AI-driven footfall counters takes this data to a new level and includes details like facial recognition, demographics, height, etc which results in brands, retailers and ecommerce platforms storing more and more sensitive data. Ensuring their customer data is secure has become a paramount concern.

With the region’s Ecommerce sector booming, it is expected to be worth US$69 billion by 2020, almost doubling in size in just a few years, according to PayFort. This translates into Ecommerce platforms possessiong billions worth of sensitive customer data, and raises the urgent need for brands to ensure this data is secure.

The PCI DSS certification is focused on technical evaluation of an organization to ensure that its architecture is well-designed to minimize security breaches. The certification is a significant accomplishment for Capillary Technologies in which it has demonstrated its commitment to ensure the highest compliance to securing it’s customers’ data. Capillary Technologies is also ISO 27001:2013 certificated in addition to being PCI DSS Version 3.2.1 certified.

“As Capillary continues to grow and our products evolve, the need for being compliant with the most stringent security standards became our primary goal. Being PCI DSS compliant was one of them. Being PCI DSS compliant with its 300 plus standards helps organizations to ensure that the data is always protected and consumers can transact in a secure environment”, added Singh.

 

Safeguarding Your Organization from Attacks Via Your Third-Party Vendors

Author: Morey Haber, Chief Technology Officer & Chief Information Security Officer, BeyondTrust

Realizing that most large organizations today have sophisticated security defenses, bad actors are beginning to target third-party vendors, as a means to gain access to an enterprises’ network. In fact, in 2018, over 11 significant breaches were caused by exploitation of third-party vendors and according to Carbon Black’s 2019 Global Incident Response Threat Report, 50% of today’s attacks leverage what they call, “island hopping”, where attackers are not only after an enterprises’ network, but all those along the supply chain as well[1].

IT admins, insiders, and third-party vendors need privileged access to perform their roles, but this shouldn’t mean ceding control of the IT environment to them. Organizations typically allow vendors to access their networks to perform a variety of different functions. However, this privileged access should be secured to the same (or higher) extent as the organization’s internal privileged users. Neglecting to do so will create a weak spot in your organization’s security that is ripe for exploit.

Because organizations typically use IT products and software solutions from a variety of vendors, IT is tasked with the enormous burden of having to secure remote access for these vendors, so that they may provide maintenance and troubleshooting for their products. As a consequence, organizations are faced with the dilemma of having to provide the needed access while also guarding against malware and bad actors entering through third-party connections.

Given that third-party vendors are an integral part of most organizations’ ecosystem―something that isn’t going to change anytime soon—there are seven steps you can take to exert better control over third-party vendor network connections and secure remote access.

Monitor & examine vendor activity

First, it’s imperative to scrutinize third-party vendor activity to enforce established policies for system access. You want to understand whether a policy violation was a simple mistake, or an indication of malicious intent. You should implement session recording to gain complete visibility over a given session. And finally, you should correlate information so that you have a holistic view that enables you to spot trends and patterns that are out of the ordinary.

Here are some ways to approach monitoring:

  • Inventory your third-party vendor connections to understand where these connections come from, what they are connected to, and who has access to what
  • Look for firewall rules that permit inbound connections for which you are unaware
  • Perform vulnerability scans on your external-facing hosts to search for services that are listening for inbound connections
  • Validate that your enterprise password security policies apply to accounts on inbound network connections
  • Implement policies and standards specific to third-party issues, and use technical controls to enforce them
  • Monitor for any security deficiencies and then address them

Limit network access

Most of your vendors only need access to very specific systems, so to better protect your organization, limit access using physical or logical network segmentation and channel access through known pathways. You can accomplish this by leveraging a privileged access management solution to restrict unapproved protocols and direct approved sessions to a predefined route. 

Apply multiple robust internal safeguards

As with other types of threats, a multi-layered defense is key to protecting against threats arising from third-party access. Apply encryption, multi-factor authentication (MFA), and a comprehensive data security policy, amongst other measures.

Educate your internal and external stakeholders

On average, it takes about 197 days for an organization to realize that it has been breached. A lot of damage can be done in 197 days. Educate across the enterprise and continually reinforce the message that the risks are real.

Conduct vendor assessments

Your service-level agreement (SLA) with third-party vendors should spell out the security standards you expect them to comply with, and you should routinely review compliance performance with your vendors. At a minimum, your vendors should implement the security basics, such as vulnerability management. You should also enforce strong controls over the use of credentials—always with a clear line-of-sight into who is using the credential, and for what purpose.

Authenticate user behavior

Vendor and partner credentials are often very weak and susceptible to inadvertent disclosure. Therefore, the best way to protect credentials is to proactively manage and control them. You can do this by eliminating shared accounts, enforcing onboarding, and using background checks to identity-proof third-party individuals that are accessing your systems.

Prevent unauthorized commands & mistakes

One step you want to take is to broker permissions to various target systems using different accounts, each with varying levels of permission. You should restrict the commands that a specific user can apply, via blacklists and whitelists, to provide a high degree of control and flexibility. To this end, use a privileged access management solution, enable fine-grained permission controls, and enforce the principle of least privilege (PoLP).

Vendor access is often inadequately controlled, making it a favored target of cyberattackers. By layering on these seven steps, you can exert better control over third-party access to your environment and make significant progress toward reducing cyber risk.

Nutanix Expands Multi-cloud Solution Portfolio

Expansion Empowers Customers to Deliver and Protect Apps and Desktops from the Cloud of their Choice

Nutanix, Inc. (NASDAQ: NTNX), a leader in enterprise cloud computing, today announced the continued evolution of its offerings across private and public clouds, further making multi-cloud computing a reality for its customers. With today’s news, Nutanix is extending its Xi Frame desktop-as-a-service solution from the public cloud to the private cloud, enabling the delivery of apps and desktops in a true hybrid cloud environment. In addition, the company is announcing new functionality and additional planned availability zones for its cloud-based disaster recovery (DR) service, Xi Leap.

According to the IDC InfoBrief, sponsored by Nutanix, “Surviving and Thriving in a Multi-cloud World,” multi-cloud deployments are now the norm for enterprise organizations — less than 30% of customers report using single cloud environments. Most customers leverage different cloud platforms across multiple service providers. The interoperability of data and applications between these varied cloud environments is growing in importance, and yet access to hybrid cloud capabilities where a single application runs across clouds remains elusive to most organizations. As companies eagerly seek out ways to make the multi-cloud environment a reality, these new updates from Nutanix provide additional capabilities to streamline the implementation of their cloud services deployments.

Introducing Nutanix Xi Frame for the Private Cloud

With Nutanix Xi Frame, customers can already access applications and virtual desktops from popular public clouds like AWS and Azure simply and easily, using any browser and any device. With the latest Xi Frame update running on the Nutanix AHV hypervisor, customers can now extend desktop delivery to their Nutanix private cloud, integrating virtual desktop infrastructure (VDI) services with the Nutanix Enterprise Cloud platform. Xi Frame desktops can be simultaneously delivered via multiple clouds and managed via a single console for seamless control and administration, providing a true hybrid experience.

In addition to being available to users on AWS and Azure, Xi Frame is now also available to customers worldwide for Nutanix private cloud deployments using AHV. Customers can provision 1000s of virtual desktops in minutes, as opposed to weeks, enabling them to improve the economics, speed and scale of desktop delivery. IT teams can now select the right cloud — public or private — for their VDI initiatives. 

Extending the Reach of Cloud-based DR to More Regions with Nutanix Xi Leap

As enterprises continue to embrace cloud services, and enterprise infrastructures become more virtual, data and IT operations are rapidly migrating to the cloud. When done right, cloud-based disaster recovery is an attractive strategy for any size organization to protect their business critical applications. Nutanix Xi Leap extends the enterprise datacenter to the cloud, allowing IT teams to harmonize public and private clouds and deliver enhanced availability for critical data and applications. Customers get a natively-integrated DR cloud service, and single pane management, to protect critical workloads running in the datacenter and in a cloud, delivering improved business continuity.

Nutanix is adding new capabilities to its Xi Leap DR service, including:

  • New Availability Zones: Nutanix Xi Leap is expanding beyond its current availability zones in U.S. West, U.S. East and the U.K. In the coming months, additional Xi Leap availability zones are expected to be available in Italy, through Nutanix’s partnership with Sparkle, the international services arm of Telecom Italia Group, as well as in Japan and Germany.
  • Support for ESXi: Xi Leap now also provides DR services for enterprise workloads running on Nutanix private clouds using VMware ESXi, making it even simpler to transform existing applications into a hybrid service.

“With previous disaster recovery systems, we weren’t able to achieve the performance we expected for virtual machine restoration and managing DR as a separate silo made our infrastructure more complex,” said Patrick Sudderth, Director of Technical Services, Lexipol. “Nutanix Xi Leap allows us to configure policies that automate the DR workflow directly within the Prism Console and restoration happens in a matter of minutes. No other DRaaS vendor can come close to the simplicity of execution we experience with Xi Leap.”

Securing Cloud Applications

Fundamental to delivering applications in a multi-cloud architecture is ensuring that applications remain secure — independent of the cloud infrastructure chosen. Comprehensive and automated compliance assessments are necessary to ensure application mobility between clouds. Xi Beam, a Nutanix SaaS offering that provides cloud governance, will include a realtime security compliance module designed to identify critical cloud infrastructure vulnerabilities and recommend specific remediation. With new security and compliance functionality, IT architects will be able to fix security risks before they impact the business.

“The multi-cloud world is the new reality for IT — it’s no longer up for debate. Customers need solutions that can bring together the full mix of public, private, and edge clouds that will soon make up their critical infrastructure without drowning them in needless complexity and unchecked costs,” said Sunil Potti, Chief Product and Development Officer, Nutanix. “By continuing to add new capabilities to our portfolio, we’re giving customers the freedom to deliver their applications and data from the cloud that makes the most sense for their business.”

Availability

Nutanix Xi Frame for Nutanix Enterprise Cloud Platform deployments using AHV is available now. Xi Leap services are currently live in several availability zones including U.S. West, U.S. East and the U.K. Additional availability zones are planned for Italy, Germany and Japan in CYQ3’19. Nutanix Xi Beam is already generally available for cloud governance and optimization. The real time security compliance capabilities in Xi Beam are currently available to certain customers in early access, with general availability expected in CYQ2’19.

Forward-Looking Statements

This press release contains express and implied forward-looking statements, including, but not limited to, statements regarding our business plans and objectives, new products, product features, services and technology that are under development or in process, including new availability zones for Nutanix Xi Leap and new security compliance capabilities of Nutanix Xi Beam, the capabilities of such products, product features, services and technology, and our plans to introduce such products, product features, services and technology in future releases, including the expected availability of the new Nutanix Xi Leap availability zones and the new security compliance capabilities of Nutanix Xi Beam. These forward-looking statements are not historical facts and instead are based on current expectations, estimates, opinions, and beliefs. Consequently, you should not rely on these forward-looking statements. The accuracy of such forward-looking statements depends upon future events and involves risks, uncertainties, and other factors beyond our control that may cause these statements to be inaccurate and cause actual results, performance or achievements to differ materially and adversely from those anticipated or implied by such statements, including, among others: failure to develop, or unexpected difficulties or delays in developing, new products, services, product features or technology in a timely or cost-effective basis; delays in the availability of new Nutanix Xi Leap availability zones and/or new security compliance capabilities of Nutanix Xi Beam; the introduction, or acceleration of adoption of, competing solutions; and other risks detailed in our quarterly report on Form 10-Q for our fiscal quarter ended January 31, 2019, filed with the SEC on March 12, 2019. Our SEC filings are available on the Investor Relations section of the company website at ir.nutanix.com and on the SEC’s website at http://www.sec.gov. These forward looking statements speak only as of the date of this press release and, except as required bylaw, we assume no obligation to update forward-looking statements to reflect actual results or subsequent events or circumstances.

Hybrid Cloud is the Future: 5 Tips to Companies in the Middle East for Successful Implementations

By Aaron White, Regional Director, Middle East at Nutanix

 

The Future is Hybrid Cloud

As enterprises demand stronger application mobility and interoperability, they are increasingly choosing hybrid cloud infrastructure (the combined use of private and public clouds with some degree of integration between the two cloud environments). While the advent of public cloud has increased IT efficiency in certain areas, hybrid cloud capabilities are the next step in providing the freedom to dynamically provision and manage applications based on business needs.

As per findings of Nutanix’s first annual global Enterprise Cloud Index[1], measuring enterprise plans for adopting private, hybrid and public clouds, enterprises plan to increase hybrid cloud usage, with 91% stating hybrid cloud as the ideal IT model, but only 18% stating they have that model today. The findings also revealed that application mobility across any cloud is a top priority for 97% of respondents – with 88% of respondents saying it would “solve a lot of my problems.” Additionally, the report found public cloud is not a panacea; IT decision makers ranked matching applications to the right cloud environment as a critical capability, and 35% of organizations using public clouds overspent their annual budget. When asked to rank the primary benefits of hybrid cloud, interoperability between cloud types (23%) and the ability to move applications back and forth between clouds (16%) outranked cost (6%) and security (5%) as the primary benefits.

White enterprises are turning to hybrid cloud to modernize IT for the digital era, given the significant complexity that still exists today in cross-cloud management and integration, many enterprises are struggling to create an effective hybrid cloud strategy.

Below are 5 tips that will provide guidelines to regional enterprises considering the move to a hybrid cloud model:

  1. A SINGLE INFRASTRUCTURE OR BIMODAL IT?

Supporting mode 1 (traditional) and 2 (next-gen) applications with separate infrastructure is called bimodal IT—and it’s a limiting, impractical process. Your hybrid cloud needs to support both seamlessly for a more agile infrastructure

  1. DON’T OVERLOOK DEVELOPMENT AND TEST RESOURCES

Be sure to include all IT resources dedicated to development work, including tools, repositories, build servers, and so on

  1. DON’T CHOOSE CLOUD PROVIDERS TOO SOON

Before you start thinking about a cloud provider, make a complete list of the environments you’ll need to give you an idea of what you’re doing on-prem. Remember, this is a 3-5 year commitment at least, so no rush!

  1. RECONCILING IT IDEALS AND REALITY

Enterprise IT is rarely perfect, but you can still optimize it with a tactical, practical cloud management approach. As you work toward implementing hybrid cloud, keep the lights on in your current environment.

  1. NEW TO DEVOPS? TIME TO GET FAMILIAR

As an enterprise, gaining a competitive advantage is a business necessity. To stay ahead of the curve, many enterprises from varying industries are getting serious about DevOps.

In conclusion, reliance on legacy datacentre architectures—whether you own the equipment and software or not—or getting locked into a specific infrastructure stack can add to technical debt, increase operating costs, and limit future flexibility. This is becoming a thing of the past. Hybrid cloud is the future. Hybrid cloud capabilities constitute a growing necessity in the dynamic, digital business climate, in which enterprises demand the freedom to dynamically provision and manage applications based on business needs. Reaching this ideal IT operating model will require more comprehensive hybrid vendor solutions, as well as greater expertise in designing, building, and operating hybrid clouds.

[1] Nutanix commissioned Vanson Bourne to survey IT decision makers about where they are running their business applications today, where they plan to run them in the future, challenges in setting up their cloud environments and how their cloud initiatives stack up against other IT projects and priorities. The survey resulted in approximately 2,300 respondents from multiple industries, business sizes and geographies in the Americas; Europe, the Middle East, Africa (EMEA); and Asia-Pacific and Japan (APJ) regions. To learn more about the report and findings, please download the full “Nutanix Enterprise Cloud Index 2018”,