Featured

The Latest

18 March 2021: Veeam released a report which suggests that 58% of backups fail. After validating these claims, and from the direct experiences of our advisors who have been CIOs or infrastructure managers in previous years, IBRS accepts there is merit in Veeam’s claim.

The real question is, what to do about it, other than buying into Veeam’s sales pitch that its backups give greater reliability?

Why it’s Important

Sophisticated ransomware attacks are on the rise. So much so that IBRS issued a special alert on the increasing risks in late March 2021. Such ransomware attacks specifically target backup repositories. This means creating disconnected, or highly-protected backups is more important than ever. The only guarantee for recovery from ransomware is a combination of well-structured backups, coupled with a well-rehearsed cyber incident response plan. 

However, protecting the backups is only useful if those backups can be recovered. IBRS estimates around 10-12% of backups fail to fully recover, which is measuring a slightly different, but more important situation than touted by Veeam. Even so, this failure rate is still far too high, given heightened risk from financially-motivated ransomware attacks.

Who’s impacted

  • CIO
  • Risk Officers reporting to the board
  • CISCO
  • Infrastructure leads

What’s Next?

IBRS has identified the ‘better-practice’ from backup must include regular and unannounced, practice runs to recover critical systems from backups. These tests should be run to simulate as closely as possible to events that could lead to a recovery situation: critical system failures, malicious insider and ransomware. Just as organisations need to rehearse cyber incident responses, they also need to thoroughly test their recovery regime. 

Related IBRS Advisory

  1. Maintaining disaster recovery plans
  2. Ransomware: Don’t just defend, plan to recover
  3. Running IT-as-a-Service Part 59: Recovery from ransomware attacks
  4. Ransomware, to pay or not to pay?
  5. ICT disaster recovery plan challenges
  6. Testing your business continuity plan

The Latest

28 March 2021: MaxContact, vendor of a Cloud-based call-centre solution, announced it is supporting integration of Teams clients. Similar vendors of call centre solutions have announced or are planning similar integration with Teams and/or Zoom. In effect, the most common video communications clients are becoming alternatives to voice calls, complete with all the management and metrics required by call centres. 

Why it’s Important

The pandemic has forced working from home, which has in turn positioned video calling as a common way to communicate. There is an expectation that video calling, be it on mobile devices, desktop computers or built into televisions, will become increasingly normalised in the coming decade. Clearly call centres will need to cater for clients who wish to place calls into the call centre using video calls.

But there is a difference between voice calls and video that few people are considering (beyond the obvious media).  That is, timing of video calls is generally negotiated via another media: instant messaging, calendaring, or meeting invites. In contrast, the timing for voice calls are far less mediated, especially when engaging with call centres for service, support or sales activities.

For reactive support and services, video calls between a call centre and a client will most likely be a negotiated engagement, either instigated via an email or web-based chat agent. Cold-calling and outward bound video calls is unlikely to be effective.

The above has significant implications for client service and support processes and call centre operations.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The adoption of video calls by the masses is here to stay. Video calling is not a fad, but it will take time to mature. 

Having video support and services available as part of the call centre mix is likely to be an advantage, but only if its use makes sense in the context of the tasks and clients involved.  

Organisations should begin brainstorming the potential usage of video calls for serving. However, adding video calling to the call centre is less of a priority than consolidating a multi-channel strategy and, over time, an omnichannel strategy.  

Related IBRS Advisory

  1. Better Practice Special Report: Microsoft Teams Governance
  2. Evolve your multichannels before you try to omnichannel
  3. VENDORiQ: CommsChoice becomes Australia's first vendor of Contact Centre for Microsoft Teams Direct Routing

The Latest

28 March 2021: AWS has a history of periodically lowering the costs of storage. But even with this typical behaviour, its recent announcement of an elastic storage option that shaves 47% off current service prices is impressive. Or is it?

The first thing to realise is that the touted savings are not apples for apples. AWS’s new storage offering is cheaper because it resides in a single-zone, rather than being replicated across multiple zones. In short, the storage has a higher risk of being unavailable, or even being lost by an outright failure. 

Why it’s Important

AWS has not hidden this difference. It makes it clear that the lower cost comes from less redundancy. Yet this architectural nuance may be overlooked when looking at ways to optimise Cloud costs.

One of the major benefits of moving to Platform-as-a-Service offerings is the increased resilience and availability of the architecture. Cloud vendors, including AWS, do suffer periodic failures within zones. Examples include the AWS Sydney outage in early 2020 and the Sydney outage in 2016 which impacted banking and e-commerce services.  

But it is important to note that even though some of Australia’s top companies were effectively taken offline by the 2016 outage, others just sailed on as if little had happened. The difference is how these companies had leveraged the redundancies available within Cloud platforms. Those that saw little impact to operations when the AWS Sydney went down had selected redundancies in all aspects of their solutions.

Who’s impacted

  • Cloud architects
  • Cloud cost/contract specialists
  • Applications architects
  • Procurement leads

What’s Next?

The lesson from previous Australian AWS outages is that organisations need to carefully match the risk of specific application downtime. This new announcement shows that significant savings (in this case 47%) are possible by accepting a greater risk profile. However, while this may be attractive from a pure cost optimisation/procurement perspective, it also needs to be tempered with an analysis of the worst case scenario, such as multiple banks being unable to process credit card payments in supermarkets for an extended period.

Related IBRS Advisory

  1. VENDORiQ: AWS second data centre in Australia
  2. Post COVID-19: Four new BCP considerations
  3. Running IT-as-a-Service Part 55: IBRS Infrastructure Maturity Model

Conclusion:

While some bots may be benign, many are engaged in unscrupulous behaviour, such as stealing valuable commercial data or attempting to obtain access illegitimately. At best, bots are a drain on an organisation's resources, increase demands on infrastructure and causing the expenditure of resources, pushing up costs. In the worst case, they represent a significant cyber threat.

IBRS interviewed experts in the field of bot defence: Craig Templeton, CISO and GM Tech Platforms with REA Group and Sam Crowther, developer of the Kasada bot defence platform.

Conclusion:

Involving end-users in the software development cycle isn’t a new concept, yet reportedly, 78 per cent of IT project professionals believe business stakeholders need to be more involved in and engaged with the requirements process1. Commonly, software development project managers report problems with end-users’ ability to learn and use the new system and/or the end-users’ perceived quality of system functionality. While usability testing is meant to be a safeguard for system ease-of-use, user acceptance testing is designed to be a safeguard for the development of quality functionality. Both play a different role in the software development lifecycle.

This paper covers the differences between usability testing with end-users and user acceptance testing, also conducted with end-users and why both are equally important for the software development success.

Conclusion:

Thinking that the pandemic will soon be past and some form of new normal will emerge, be it working from home or office work, or a hybrid mix - is a misconception. Even with a vaccine, the pandemic will continue in isolated, difficult to predict pockets, and cause sporadic rapid changes to work practices for the foreseeable future. Organisations will need to be able to quickly flip-flop work environments rapidly, and work processes - and thus technologies - must evolve to meet the challenges of the 'age of uncertainty'. A fourth wave of ICT architecture is emerging, with a focus on information over architecture, low-code everything and powered by algorithms.

Find attached at the bottom of the article a free downloadable PDF copy of the trends for 2021-2026 executive presentation deck.