Author: Morey Haber, Chief Technology Officer & Chief Information Security Officer, BeyondTrust

Realizing that most large organizations today have sophisticated security defenses, bad actors are beginning to target third-party vendors, as a means to gain access to an enterprises’ network. In fact, in 2018, over 11 significant breaches were caused by exploitation of third-party vendors and according to Carbon Black’s 2019 Global Incident Response Threat Report, 50% of today’s attacks leverage what they call, “island hopping”, where attackers are not only after an enterprises’ network, but all those along the supply chain as well[1].

IT admins, insiders, and third-party vendors need privileged access to perform their roles, but this shouldn’t mean ceding control of the IT environment to them. Organizations typically allow vendors to access their networks to perform a variety of different functions. However, this privileged access should be secured to the same (or higher) extent as the organization’s internal privileged users. Neglecting to do so will create a weak spot in your organization’s security that is ripe for exploit.

Because organizations typically use IT products and software solutions from a variety of vendors, IT is tasked with the enormous burden of having to secure remote access for these vendors, so that they may provide maintenance and troubleshooting for their products. As a consequence, organizations are faced with the dilemma of having to provide the needed access while also guarding against malware and bad actors entering through third-party connections.

Given that third-party vendors are an integral part of most organizations’ ecosystem―something that isn’t going to change anytime soon—there are seven steps you can take to exert better control over third-party vendor network connections and secure remote access.

Monitor & examine vendor activity

First, it’s imperative to scrutinize third-party vendor activity to enforce established policies for system access. You want to understand whether a policy violation was a simple mistake, or an indication of malicious intent. You should implement session recording to gain complete visibility over a given session. And finally, you should correlate information so that you have a holistic view that enables you to spot trends and patterns that are out of the ordinary.

Here are some ways to approach monitoring:

• Inventory your third-party vendor connections to understand where these connections come from, what they are connected to, and who has access to what
• Look for firewall rules that permit inbound connections for which you are unaware
• Perform vulnerability scans on your external-facing hosts to search for services that are listening for inbound connections
• Validate that your enterprise password security policies apply to accounts on inbound network connections
• Implement policies and standards specific to third-party issues, and use technical controls to enforce them
• Monitor for any security deficiencies and then address them

Limit network access

Most of your vendors only need access to very specific systems, so to better protect your organization, limit access using physical or logical network segmentation and channel access through known pathways. You can accomplish this by leveraging a privileged access management solution to restrict unapproved protocols and direct approved sessions to a predefined route. 

Apply multiple robust internal safeguards

As with other types of threats, a multi-layered defense is key to protecting against threats arising from third-party access. Apply encryption, multi-factor authentication (MFA), and a comprehensive data security policy, amongst other measures.

Educate your internal and external stakeholders

On average, it takes about 197 days for an organization to realize that it has been breached. A lot of damage can be done in 197 days. Educate across the enterprise and continually reinforce the message that the risks are real.

Conduct vendor assessments

Your service-level agreement (SLA) with third-party vendors should spell out the security standards you expect them to comply with, and you should routinely review compliance performance with your vendors. At a minimum, your vendors should implement the security basics, such as vulnerability management. You should also enforce strong controls over the use of credentials—always with a clear line-of-sight into who is using the credential, and for what purpose.

Authenticate user behavior

Vendor and partner credentials are often very weak and susceptible to inadvertent disclosure. Therefore, the best way to protect credentials is to proactively manage and control them. You can do this by eliminating shared accounts, enforcing onboarding, and using background checks to identity-proof third-party individuals that are accessing your systems.

Prevent unauthorized commands & mistakes

One step you want to take is to broker permissions to various target systems using different accounts, each with varying levels of permission. You should restrict the commands that a specific user can apply, via blacklists and whitelists, to provide a high degree of control and flexibility. To this end, use a privileged access management solution, enable fine-grained permission controls, and enforce the principle of least privilege (PoLP).

Vendor access is often inadequately controlled, making it a favored target of cyberattackers. By layering on these seven steps, you can exert better control over third-party access to your environment and make significant progress toward reducing cyber risk.

Expansion Empowers Customers to Deliver and Protect Apps and Desktops from the Cloud of their Choice

Nutanix, Inc. (NASDAQ: NTNX), a leader in enterprise cloud computing, today announced the continued evolution of its offerings across private and public clouds, further making multi-cloud computing a reality for its customers. With today’s news, Nutanix is extending its Xi Frame desktop-as-a-service solution from the public cloud to the private cloud, enabling the delivery of apps and desktops in a true hybrid cloud environment. In addition, the company is announcing new functionality and additional planned availability zones for its cloud-based disaster recovery (DR) service, Xi Leap.

According to the IDC InfoBrief, sponsored by Nutanix, “Surviving and Thriving in a Multi-cloud World,” multi-cloud deployments are now the norm for enterprise organizations — less than 30% of customers report using single cloud environments. Most customers leverage different cloud platforms across multiple service providers. The interoperability of data and applications between these varied cloud environments is growing in importance, and yet access to hybrid cloud capabilities where a single application runs across clouds remains elusive to most organizations. As companies eagerly seek out ways to make the multi-cloud environment a reality, these new updates from Nutanix provide additional capabilities to streamline the implementation of their cloud services deployments.

Introducing Nutanix Xi Frame for the Private Cloud

With Nutanix Xi Frame, customers can already access applications and virtual desktops from popular public clouds like AWS and Azure simply and easily, using any browser and any device. With the latest Xi Frame update running on the Nutanix AHV hypervisor, customers can now extend desktop delivery to their Nutanix private cloud, integrating virtual desktop infrastructure (VDI) services with the Nutanix Enterprise Cloud platform. Xi Frame desktops can be simultaneously delivered via multiple clouds and managed via a single console for seamless control and administration, providing a true hybrid experience.

In addition to being available to users on AWS and Azure, Xi Frame is now also available to customers worldwide for Nutanix private cloud deployments using AHV. Customers can provision 1000s of virtual desktops in minutes, as opposed to weeks, enabling them to improve the economics, speed and scale of desktop delivery. IT teams can now select the right cloud — public or private — for their VDI initiatives. 

Extending the Reach of Cloud-based DR to More Regions with Nutanix Xi Leap

As enterprises continue to embrace cloud services, and enterprise infrastructures become more virtual, data and IT operations are rapidly migrating to the cloud. When done right, cloud-based disaster recovery is an attractive strategy for any size organization to protect their business critical applications. Nutanix Xi Leap extends the enterprise datacenter to the cloud, allowing IT teams to harmonize public and private clouds and deliver enhanced availability for critical data and applications. Customers get a natively-integrated DR cloud service, and single pane management, to protect critical workloads running in the datacenter and in a cloud, delivering improved business continuity.

Nutanix is adding new capabilities to its Xi Leap DR service, including:

• New Availability Zones: Nutanix Xi Leap is expanding beyond its current availability zones in U.S. West, U.S. East and the U.K. In the coming months, additional Xi Leap availability zones are expected to be available in Italy, through Nutanix’s partnership with Sparkle, the international services arm of Telecom Italia Group, as well as in Japan and Germany.
• Support for ESXi: Xi Leap now also provides DR services for enterprise workloads running on Nutanix private clouds using VMware ESXi, making it even simpler to transform existing applications into a hybrid service.

“With previous disaster recovery systems, we weren’t able to achieve the performance we expected for virtual machine restoration and managing DR as a separate silo made our infrastructure more complex,” said Patrick Sudderth, Director of Technical Services, Lexipol. “Nutanix Xi Leap allows us to configure policies that automate the DR workflow directly within the Prism Console and restoration happens in a matter of minutes. No other DRaaS vendor can come close to the simplicity of execution we experience with Xi Leap.”

Securing Cloud Applications

Fundamental to delivering applications in a multi-cloud architecture is ensuring that applications remain secure — independent of the cloud infrastructure chosen. Comprehensive and automated compliance assessments are necessary to ensure application mobility between clouds. Xi Beam, a Nutanix SaaS offering that provides cloud governance, will include a realtime security compliance module designed to identify critical cloud infrastructure vulnerabilities and recommend specific remediation. With new security and compliance functionality, IT architects will be able to fix security risks before they impact the business.

“The multi-cloud world is the new reality for IT — it’s no longer up for debate. Customers need solutions that can bring together the full mix of public, private, and edge clouds that will soon make up their critical infrastructure without drowning them in needless complexity and unchecked costs,” said Sunil Potti, Chief Product and Development Officer, Nutanix. “By continuing to add new capabilities to our portfolio, we’re giving customers the freedom to deliver their applications and data from the cloud that makes the most sense for their business.”

Availability

Nutanix Xi Frame for Nutanix Enterprise Cloud Platform deployments using AHV is available now. Xi Leap services are currently live in several availability zones including U.S. West, U.S. East and the U.K. Additional availability zones are planned for Italy, Germany and Japan in CYQ3’19. Nutanix Xi Beam is already generally available for cloud governance and optimization. The real time security compliance capabilities in Xi Beam are currently available to certain customers in early access, with general availability expected in CYQ2’19.

Forward-Looking Statements

This press release contains express and implied forward-looking statements, including, but not limited to, statements regarding our business plans and objectives, new products, product features, services and technology that are under development or in process, including new availability zones for Nutanix Xi Leap and new security compliance capabilities of Nutanix Xi Beam, the capabilities of such products, product features, services and technology, and our plans to introduce such products, product features, services and technology in future releases, including the expected availability of the new Nutanix Xi Leap availability zones and the new security compliance capabilities of Nutanix Xi Beam. These forward-looking statements are not historical facts and instead are based on current expectations, estimates, opinions, and beliefs. Consequently, you should not rely on these forward-looking statements. The accuracy of such forward-looking statements depends upon future events and involves risks, uncertainties, and other factors beyond our control that may cause these statements to be inaccurate and cause actual results, performance or achievements to differ materially and adversely from those anticipated or implied by such statements, including, among others: failure to develop, or unexpected difficulties or delays in developing, new products, services, product features or technology in a timely or cost-effective basis; delays in the availability of new Nutanix Xi Leap availability zones and/or new security compliance capabilities of Nutanix Xi Beam; the introduction, or acceleration of adoption of, competing solutions; and other risks detailed in our quarterly report on Form 10-Q for our fiscal quarter ended January 31, 2019, filed with the SEC on March 12, 2019. Our SEC filings are available on the Investor Relations section of the company website at ir.nutanix.com and on the SEC’s website at http://www.sec.gov. These forward looking statements speak only as of the date of this press release and, except as required bylaw, we assume no obligation to update forward-looking statements to reflect actual results or subsequent events or circumstances.

By Aaron White, Regional Director, Middle East at Nutanix

 

The Future is Hybrid Cloud

As enterprises demand stronger application mobility and interoperability, they are increasingly choosing hybrid cloud infrastructure (the combined use of private and public clouds with some degree of integration between the two cloud environments). While the advent of public cloud has increased IT efficiency in certain areas, hybrid cloud capabilities are the next step in providing the freedom to dynamically provision and manage applications based on business needs.

As per findings of Nutanix’s first annual global Enterprise Cloud Index[1], measuring enterprise plans for adopting private, hybrid and public clouds, enterprises plan to increase hybrid cloud usage, with 91% stating hybrid cloud as the ideal IT model, but only 18% stating they have that model today. The findings also revealed that application mobility across any cloud is a top priority for 97% of respondents – with 88% of respondents saying it would “solve a lot of my problems.” Additionally, the report found public cloud is not a panacea; IT decision makers ranked matching applications to the right cloud environment as a critical capability, and 35% of organizations using public clouds overspent their annual budget. When asked to rank the primary benefits of hybrid cloud, interoperability between cloud types (23%) and the ability to move applications back and forth between clouds (16%) outranked cost (6%) and security (5%) as the primary benefits.

White enterprises are turning to hybrid cloud to modernize IT for the digital era, given the significant complexity that still exists today in cross-cloud management and integration, many enterprises are struggling to create an effective hybrid cloud strategy.

Below are 5 tips that will provide guidelines to regional enterprises considering the move to a hybrid cloud model:

1. A SINGLE INFRASTRUCTURE OR BIMODAL IT?

Supporting mode 1 (traditional) and 2 (next-gen) applications with separate infrastructure is called bimodal IT—and it’s a limiting, impractical process. Your hybrid cloud needs to support both seamlessly for a more agile infrastructure

2. DON’T OVERLOOK DEVELOPMENT AND TEST RESOURCES

Be sure to include all IT resources dedicated to development work, including tools, repositories, build servers, and so on

3. DON’T CHOOSE CLOUD PROVIDERS TOO SOON

Before you start thinking about a cloud provider, make a complete list of the environments you’ll need to give you an idea of what you’re doing on-prem. Remember, this is a 3-5 year commitment at least, so no rush!

4. RECONCILING IT IDEALS AND REALITY

Enterprise IT is rarely perfect, but you can still optimize it with a tactical, practical cloud management approach. As you work toward implementing hybrid cloud, keep the lights on in your current environment.

5. NEW TO DEVOPS? TIME TO GET FAMILIAR

As an enterprise, gaining a competitive advantage is a business necessity. To stay ahead of the curve, many enterprises from varying industries are getting serious about DevOps.

In conclusion, reliance on legacy datacentre architectures—whether you own the equipment and software or not—or getting locked into a specific infrastructure stack can add to technical debt, increase operating costs, and limit future flexibility. This is becoming a thing of the past. Hybrid cloud is the future. Hybrid cloud capabilities constitute a growing necessity in the dynamic, digital business climate, in which enterprises demand the freedom to dynamically provision and manage applications based on business needs. Reaching this ideal IT operating model will require more comprehensive hybrid vendor solutions, as well as greater expertise in designing, building, and operating hybrid clouds.

[1] Nutanix commissioned Vanson Bourne to survey IT decision makers about where they are running their business applications today, where they plan to run them in the future, challenges in setting up their cloud environments and how their cloud initiatives stack up against other IT projects and priorities. The survey resulted in approximately 2,300 respondents from multiple industries, business sizes and geographies in the Americas; Europe, the Middle East, Africa (EMEA); and Asia-Pacific and Japan (APJ) regions. To learn more about the report and findings, please download the full “Nutanix Enterprise Cloud Index 2018”,

Thunder Threat Protection System (TPS) Gives Service Providers the Highest Performance DDoS Defense in Compact, Reliable Form Factor

 A10 Networks, announced a new capacity enhancement to its Thunder^® 14045 TPS, which delivers industry-leading attack traffic mitigation capabilities. This capacity gain provides the highest performance available in the market with 500 Gbps of defense in one appliance. The smaller form factor reduces the number of devices required, while building scalable DDoS defenses that meet the challenge of emerging attacks. As service providers look to expand their service offerings, the Thunder TPS solution enables them to build profitable DDoS mitigation services that protect their own networks, as well as their subscribers.

Distributed denial of service (DDoS) attacks are only going to increase over time and attackers have an ever-expanding opportunity to use new device types, particularly connected-home devices like home hubs, routers and IP cameras to mount even larger attacks. In fact, the most recent A10 Networks’ DDoS Weapons Intelligence report describes the significant potential for attackers to use an IoT-related protocol, the Constrained Application Protocol (CoAP), deployed on IoT devices to marshal attacks.

With their expansive attack surface and absolute need for 24×7 uptime, global communications providers, cloud and online gaming service providers require the highest levels of protection from DDoS attacks. Service providers can rely on A10 Networks for expanded L3-7 DDoS protection, high scalability and advanced automated defenses that intelligently leverage machine learning.

“The proliferation of connected devices, and the increases in bandwidth and new application services enabled by advanced 5G networks mean that the size and intensity of DDoS attacks will increase exponentially. Customers require a modern approach to automated defenses with new technologies like machine learning and advanced threat intelligence to mitigate these attacks. The performance and automation available with Thunder TPS will help service providers deliver effective protection to their subscribers in this new and evolving attack landscape,” said Ahmed Abdelhalim, director of product management, A10 Networks.

With 500 Gbps mitigation capacity per Thunder TPS device, A10 Networks continues to drive innovation in the fast-growing DDoS market, leaving legacy suppliers behind. Thunder TPS solution is core to A10 Networks’ DDoS defense strategy delivering:

• One-DDoS Protection– The industry’s only connected intelligence system that provides full-spectrum multi-vector DDoS defense with distributed detection and machine learning capabilities within targeted infrastructure, including Thunder TPS, ADC, CGN, and CFW.
• Predictive, Automated Cyber Defense– Intelligent Automation, granular protection capabilities and zero-touch operation accelerate responses to ensure optimal, efficient protection.
• Actionable DDoS Weapons Intelligence– Incorporates global intelligence from A10 Networks DDoS weapons research for improved security posture and real-time insights into emerging threats.
• Industry-leading Performance– The highest performance in a small form factor enables fast detection and mitigation while lowering costs, reducing complexity, and increasing reliability in the field.

By Alain Penel, Regional Vice President – Middle East, Fortinet.

Operational technology (OT) refers to the hardware and software used to run industrial control systems (ICS), such as SCADA, that serve as the foundation of various areas of critical infrastructure. This includes industries that are essential to public safety and well-being, including power plants, manufacturing, water utilities, healthcare, transit, and more. OT differs from traditional IT systems due to the processes and systems that must be incorporated to effectively manage production and resource development systems, including engines, valves, sensors, and even robotics, that are common to critical infrastructure environments but may be absent from traditional IT stacks.

While IT and OT have been managed separately since their inception, there has been a growing movement toward the convergence of these two systems over the past 12 – 18 months. Incorporating IT capabilities such as big data analytics and machine learning into OT systems, along with faster connectivity solutions in order to respond to security and safety events more quickly, has allowed these industries to improve productivity and efficiency, offering a competitive edge to those who combine the systems effectively.

However, it’s important for OT teams to consider how this convergence affects the cybersecurity posture of critical infrastructure, especially given the impact that downtime caused by a cyberattack can have on the economy, health, and productivity of the nation. And worse, the potential safety risks to workers and even local communities should a critical system be compromised.

To determine where critical industries may be at risk due to IT and OT convergence, Fortinet has compiled the State of Operational Technology and Cybersecurity Report.

The State of Operational Technology and Cybersecurity

To understand the types of threats facing operational technology and how OT teams can mitigate these threats, Fortinet conducted a survey of organizations in critical industries with greater than 2,500 employees. Specifically, we examined plant and manufacturing operations leaders in:

• Manufacturing
• Energy and utilities
• Healthcare
• Transportation

Their answers revealed where OT is most vulnerable, the types of cyberattacks they regularly face, what their current security tactics are, and where improvement to cybersecurity protocols must be made.

Cybersecurity Risks for Operational Technology

The report revealed that cybersecurity must become a greater focus where operational technology is concerned, as 74% of OT organizations experienced a data breach in the last 12 months. The breaches negatively impacted organizations in a myriad of ways, including a reduction in safety, productivity and revenue, the compromise of business-critical data, and damaged brand reputation. Considering these, it’s clear that OT organizations that do not prioritize cybersecurity as part of their IT and OT convergence strategy risk losing all of the benefits of this strategy when they encounter an attack.

The most common types of cyberattacks affecting operational technology are malware, phishing, spyware, and mobile security breaches. The survey results show that these attacks persist as a result of four key reasons:

1. Lack of Visibility: 78% of organizations only have partial cybersecurity visibility into operational technology. This makes it difficult for teams to detect unusual behavior, quickly respond to potential threats, and perform threat analysis – all of which are crucial to a successful cybersecurity posture.
2. Lack of Personnel: As we have often seen elsewhere, due to the cybersecurity skills gap the low availability of skilled security professionals is a key concern for operations leaders considering implementing new security tools and controls in the network.
3. Rapid Pace of Change: 64% of operations leaders note that keeping up with the pace of change is a challenge when it comes to security, and yet, at the same time, slowing digital transformation efforts for any reason can compromise their competitive edge.
4. Network Complexity: OT network environments are complex, with anywhere from 50 to 500 devices to monitor and secure, many of which come from different vendors. This exacerbates the challenges surrounding visibility and personnel, as each device stores different data and has different security configuration needs and requirements.

Improving Security for Operational Technology

With these attack vectors and security challenges in mind, there are several steps operations leaders can take to improve the security posture at their organizations and minimize the risks associated with downtime in the wake of an attack.

First, 62% of organizations stated intentions to dramatically increase their cybersecurity budgets this year. Additionally, organizations are also adjusting their cybersecurity strategies, with 70% stating their intention to make the CISO responsible for OT cybersecurity in the next year—currently, just 9% of CISOs overseeing OT security.

In addition to these two changes already underway, organizations can implement several security tactics that have demonstrated success in critical infrastructure industries. As part of this study, Fortinet examined the differences in cybersecurity controls in place between those organizations that experienced zero intrusions over the last 12 months, and similarly-sized organizations with six or more intrusions. There were several tactics and tools that stood out among those top-tier organizations that those in the bottom-tier lacked, including:

• Multi-factor authentication
• Role-based access control
• Network segmentation
• Conduct security compliance reviews
• Management and analysis of security events

As OT and IT systems continue to converge, implementing these essential tactics can help operations leaders and CISOs gain visibility across their OT environments while reducing complexity in their network to reduce cyber risk.

Final Thoughts

Security threats to Operational Technology networks, especially in critical infrastructures such as transportation, health, and energy, can have major consequences for ensuring the success of these organizations, as well as for the daily lives of the people those industries support. To help minimize this risk, this latest report from Fortinet provides a critical examination of key areas of vulnerability in order to help OT teams identify more effective ways to improve cybersecurity efforts in the industries they support.

A10 Networks, announced that it has appointed Ehab Halablab as the company’s new Regional Channel Manager for Middle East and North Africa (MENA).

Ehab has more than 12 years’ experience in the IT industry. Prior to A10 Networks he worked at security firm Symantec as territory manager for enterprise where he was instrumental in driving new business acquision. He also held a regional channel leadership position at Blue Coat Systems (acquired by Symantec) and regional sales manager position at Sophos. The early part of his career was spent at Naizak Distribution Services as account manager for several key security vendors.

Mohammed Al-Moneer, Regional Vice President of Sales – MENA at A10 Networks says, “Ehab brings a wealth of leadership and channel expertise to our company. Partners are critical to A10’s growth strategy and success. In order to drive our leadership in 5G, multi-cloud and security infrastructures, we needed a regional channel head with a depth of relevant experience and a proven track record and Ehab ticked these boxes. He will play a pivotal role in leading the adoption of a channel-driven business strategy, partner enablement and identifying new partners, while ensuring they are equipped with the tools necessary to sell our company’s portfolio of market leading soutions.”

Ehab will be responsible for developing & executing a regional channel strategy focused on partner certification, premier security partner recruitment, and direct & indirect channel enablement programmes. As part of the strategy to grow the business, Ehab is looking to transform distributors into value added distributors (VADs). The company will be actively onboarding new potential partners in the region that will be focused on A10’s business. The internal sales team will also be seeding new business opportunities that will be fulfilled through resellers in the region. In addition, Ehab will be focused on strengthening local ties with the company’s alliance partners like HP, Nokia Systems, Ericsson and NEC.

Ehab will champion the regional launch of the company’s award winning Affinity Partner Programme, which leverages incentive programmes, co-partner end user events and vertical focused events to drive partner engagement and opportunities.

Another key focus area for Ehab will be enabling strategic partners within the high-growth security, cloud & infrastructure domains. The company has launched its Authorized Training Centre (ATC) based in Dubai to educate partners and customers. A10 ATCs will be regulary launching monthly sessions at the beginning of each quarter. There is also going to be the launch of a partner training program called ‘RiDerS’ which will give an opportunity to channel system engineers to gain the requisite high level of security knowledge.

“The network application, cloud and security business in the MENA region is growing at an exponential rate as organizations are looking to embark on the road to digital transformation. I’m delighted to be joining A10 Networks at this very exciting time since the company’s technologies are at the core of several of today’s key IT business drivers like 5G, multi-cloud and security. I am looking forward to empowering our partners to deliver a first-class experience to our mutual prospects and customers, drive customer engagement and fuel growth,” concludes Ehab.

Author: Claude Schuck, regional head, Middle East at Veeam

The ways businesses leverage cloud to manage and maximise the value of their data continue to evolve. The years when adopting cloud-based solutions felt like the first step into some brave new world may be behind us, but with every new cloud-consumption model comes new questions. Multi-cloud, the current variation of cloud deployment, is attracting attention, questions and scepticism from businesses.

Whereas a hybrid cloud is a single entity, an amalgamation of a private cloud with public cloud environments, multi-cloud simply includes multiple clouds. It is a nod towards the fact that businesses are increasingly using different clouds for different purposes. In today’s digital economy, 81% of enterprisesare embracing a multi-cloud strategy.

It is common for the IT industry to promote the idea of a one-stop shop model – a single point of failure – to avoid the perceived inefficiency and confusion of dealing with multiple vendors and cloud service providers (CSPs). Data is now described as the oil of the digital economy, a company’s most valuable resource, so as businesses demand an infrastructure which maximises the potential value of that data, IT departments are under pressure to deliver.

For example, a business may wish to store data from its fastest growing business unit in Google Cloud for scalability at relatively low expense but use AWS for its R&D databases to enjoy the benefits of AI and voice-assisted search. Whereas previously the only viable decision for the business would have been to make a judgment call based on its priority needs and budget constraints, the best strategic option is now to adopt a multi-cloud approach.

Data-driven transformation

There is a movement from organisations to become more data-driven, with business leaders recognising the importance of data in both high-level business strategy and operational decision-making. Furthermore, consumers and employees are beginning to appreciate the true value of their data, which means businesses must ensure that the people who share data with them see the value in doing so through receiving more personalised experiences. People want to know that their data is protected and is secure, but they also want greater transparency about what it is being used for.

Creating this data-driven culture is underpinned by continuous digital transformation – embracing the latest and greatest technologies which allow the business to repeatedly lift its performance levels. According to Gartner’s 2018 CIO Agenda report, making progress towards becoming a digital business is a top priority for CIOs – and the proliferation towards multi-cloud reflects this trend.

Despite this, the latest Veeam Availability Report reveals that two thirdsof senior IT leaders admit their digital transformation has been held back by unplanned downtime. And successful multi-cloud deployments depend on the availability of all apps and data, at all times. So, businesses looking to take advantage of multi-cloud environments must ensure that their apps and data are always available – and that their culture of data-driven decision-making is fully supported to maintain customer confidence and brand reputation.

Availability in the multi-cloud

The complexity of maintaining availability within a multi-cloud environment is the reliance on multiple CSPs. While all major vendors and CSPs will make backup and disaster recovery (DR) solutions available to their customers, each provider has different protocols, service level agreements (SLAs) and capabilities; and the last thing any business wants to hear when disaster strikes is that they are not adequately protected or that recovery has failed. While no business, regardless of whether it is using multi-cloud or not, can guarantee that it will never experience unplanned downtime, every business can ensure that it is prepared for this possibility.

Therefore, businesses opting for multi-cloud need to ensure that they have an availability solution which sits cross their entire cloud provision, making cloud data protection easy with a seamless process for sending data offsite to the cloud. As well as a reliable backup and DR solution which is interoperable with all major CSP solutions, the platform should provide businesses with full visibility of data availability across their entire multi-cloud infrastructure.

For businesses using multi-cloud to power their digital transformation in the bid to establish a more data-driven culture across the organisation, data is akin to running water – a utility which all rely on and must be available at all times. Businesses embracing multi-cloud should not be put off by the prospect of working with multiple vendors as certain software-based platforms can give the peace of mind and a turnkey solution to minimising downtime.

At the recently conducted ‘Sennheiser for Broadcast Hands-On Training Day’, held this month in Dubai, it emerged that the shrinking of the spectrum allocated for the Programme Making and Special Events (PMSE) industry remains a key concern for regional broadcasters. The Telecommunications Regulatory Authority (TRA) of the UAE, who participated at the event, was quick to address these concerns by outlining how its radio frequency (RF) spectrum authorization policy is ensuring smooth operation of broadcast systems, and safeguarding equipment investments for broadcasters.

The TRA also highlighted its ongoing collaboration with broadcast-related equipment manufacturers such as Sennheiser to ensure systems being imported and sold within the UAE operate within the allocated frequency bands. Particularly well received was the Authority’s demonstration of the interactive National Frequency Plan that is now available on its website.

In a session conducted by Sennheiser COO for the Professional Audio Division, Peter Claussen, Middle East broadcasters were given a first look at some of the innovative products currently being developed by the company’s Professional Division. In line with the company’s commitment to customer-centric innovation, Claussen offered attendees the opportunity to share their feedback and opinions on the types of audio solutions and advancements they would like to see in the future.

Commenting on the event, Ryan Burr, Head of Technical Sales & Application Engineering, Professional Audioat Sennheiser Middle East said, “Across demographics in the Middle East, the appetite for high-quality content is growing, placing broadcasters under increasing pressure. With turnaround times for the creation and distribution of compelling content constantly shrinking, it is imperative that they have the right expertise and solutions. As a trusted advisor and technology partner to some of the region’s leading television and radio broadcasters, Sennheiser is committed to advancing the industry from both a knowledge as well as a technical standpoint.”

Having recently conducted its largest set of product launches for Middle East Broadcasters at CABSAT 2019, Sennheiser used its Hands-On Training Day to provide attendees with detailed overviews and demonstrations of the recent additions. These were grouped into three categories, catering to the specific requirements of each segment of the industry:

 In the Studio:

Sennheiser’s model TV studio control room featured its Digital 9000, Digital 6000, 3000/5000 Series and EW-500 G4 microphone systems running through a mixing console and onto a pair of Neumann KH-310 studio monitors. Attendees were presented with several tests and demonstrations highlighting the capabilities of each system. This was followed by an in-depth tutorial on the Wireless Systems Manager, Sennheiser’s professional software solution for remotely monitoring and coordinating the frequencies of wireless microphones and monitors.

On the Radio

To simulate the set up for radio broadcasts, Sennheiser presented a comprehensive line up of Neumann microphones, including the BCM-104 and BCM-705 radio studio mics. These were fed into a mixing console and onto headphones and headsets from Sennheiser’s professional range, including the HD-26 and the new HD 300 PRO.

Out in the Field

For its outside broadcast setup, Sennheiser used an ENG camera with the EK-6042 true diversity two channel receiver plugged into its receiver slot. The EK-6042 was then synchronised with several different transmitter/mic combos including the MKH-8060 and 8070 shotgun ranges and the SKP-500 G4 plug-on transmitter mic. This allowed the broadcasters to test the both the range and quality of transmitted audio for these solutions. Attendees were also offered the ability to try out products from Sennheiser’s Audio for Video range such as the compact and versatile Memory Mic.

Each of these live stations were specifically designed to encourage attendees to gain a better understanding of the operation and capabilities of the systems through practical hands-on demos with the various equipment sets. “Given the caliber of the attendees, we were keen for them to experience the live stations with complete freedom. There were high levels of enthusiasm as they explored the features and capabilities of our solutions, especially when these exceeded their expectations,” said Burr.