Catch up on this week’s round-up of the latest hosting and tech news. Here’s what we’ve uncovered since our last edition.
Cloud Security Woes
According to a recent survey, many companies are too slow at responding to cloud security alerts, with an average response time of 145 hours. The survey also found that 60% of organisations take more than four days to resolve security alerts.
The research, conducted by Palo Alto Networks’ Unit 42, analysed the cloud environments of over 1,300 organisations over the past year. The report highlighted the importance of fixing vulnerabilities and misconfigurations swiftly, as cybercriminals move quickly to exploit new attack surfaces. It also showed that a significant number of alerts could be prevented by following a few common policies more closely, including the enforcement of multi-factor authentication (MFA) and firewall rules. The survey discovered that over three quarters of organisations don’t enforce MFA for console users, and more than half don’t enforce them for admins, making them highly vulnerable to brute-force attacks.
DfT App Innovation
The Department for Transport (DfT) plans to overhaul its transport data strategy to make a vast range of data available to both professional and amateur developers, in a bid to encourage new app innovation.
The DfT aims to consolidate open data from different transport segments and create a transport data marketplace that reduces the costs associated with data collection. This will result in a new data catalogue, called Find Transport Data, which offers app developers a single point of entry for transport metadata, giving them access to new data and travel analytics.
Developers can use data from across various modes of transport, including ports and train stations, to assess transport operations’ carbon impact or plan more efficient supply chains based on real-time road and train data. According to the DfT, sharing data unlocks value across sectors and enables companies to make innovative use of transport data, which would have previously been costly and time-consuming.
Climate Threat to IT
A recent Committee on Climate Change (CCC) report has revealed that the UK’s IT and telecommunications infrastructure is unprepared for the severe effects of climate change. The report criticised the UK government for lacking a plan or having processes in place to manage climate risks to the country’s telco and IT infrastructure, despite the expected increase in extreme temperatures, flooding and intense storms.
The report warned that such weather events could cause significant damage to critical equipment such as data centres, fibre optic cables and mobile masts, with little being done to prevent this from happening. The CCC also highlighted the lack of data available to properly evaluate climate resilience across the entire sector and urged the government to create metrics to measure climate impact and adaptation.
Multi-Cloud Concerns
In a new report, Microsoft has cautioned that businesses face greater security risks due to a culture of ‘over-permissioning’ in multi-cloud environments. The report revealed that the majority of permissions granted in daily operations, both for humans and machines, are considered high-risk and not used. With so many permissions granted, companies are finding it increasingly challenging to know who has access to which data across different cloud platforms.
The study also found a sharp increase in the number of super admins who had access to all resources within a company’s cloud infrastructure. With nearly all of these identities being unused, there is a heightened risk of misuse in the event of a breach. Additionally, the rise of machine-based identities further compounds the issue of visibility and monitoring in multi-cloud environments. Multi-cloud users are advised to review their permissions policies and audit existing permissions, removing unused super admins as a priority.
Unilever 100% Cloud
London-based consumer goods giant, Unilever, maker of everything from Ben & Jerry’s to Domestos, has completed a major digital transformation that has resulted in it becoming a cloud-only company. After undergoing one of the biggest and most intricate cloud migrations yet seen, the initiative will assist the company in launching products more quickly, enhancing customer service, and improving operational efficiency.
In addition, the company also said that the migration would enable it to accomplish its sustainability goals by lowering carbon emissions and streamlining energy usage. In the long term, the cloud migration project will help Unilever in four key areas, including enhancing predictive analytics and AI capabilities, adopting the latest AI technology to improve employee and customer experiences, and utilising industrial metaverse technologies to streamline supply chain operations.
Visit the WHUK website for more news, knowledge base articles, blog posts and information on our wide range of services.