Eyes on APAC

August 22, 2019  7:28 AM

Top four considerations when securing the multi-cloud environment

Aaron Tan Aaron Tan Profile: Aaron Tan

This is a guest post by Stephen Dane, managing director for cyber security at Cisco Asia-Pacific, Japan and Greater China

We live in a multi-cloud world. A world where a multitude of offerings from cloud service providers (CSPs) gives us the potential to respond to business opportunities and challenges at a moment’s notice.

According to IDC’s CloudView 2018 report, 85% of all businesses are evaluating or using public cloud, 87% of cloud users are moving towards hybrid cloud, and 94% are using or plan to use a multi-cloud environment, an increase from 84% in 2017.

While the flexibility, productivity and cost savings benefits of cloud apps have fueled widespread adoption of multi-cloud across Asia-Pacific, organisations are challenged to deal with its fragmented nature, increasing complexity and lack of control when it comes to data, policy and security.

It is crucial for businesses to have an end-to-end multi-cloud framework in place or they may find themselves supporting inefficient traditional datacentre environments and inadequately planned cloud implementations that may not be as easy to manage or as affordable as they imagined.

Securing the multi-cloud environment

Today’s multi-cloud world consists of software-as-a-service (SaaS) applications, private, public and hybrid clouds, hosting infrastructure-as-a-service (IaaS), and employees and branches accessing the cloud and internet from anywhere.

This means that chief information security officers (CISOs) do not have the same level of control in a multi-cloud environment as they have with their on-premises infrastructure. It also means that there is no single tool to build a unified security policy across the environment, adding to the complexity that CISOs face.

In Cisco’s 2019 CISO benchmark study, 70% of respondents in Asia-Pacific said that defending cloud infrastructure was “very or extremely” challenging, higher than the global average of 52%.

While ease of use is still the top driver for hosting infrastructure in the cloud, the potential for greater security is also high on the CISO agenda. In the same study, 50% of CISOs cited “better data security” as a reason to move into a cloud environment. This shows that while securing the cloud is a concern, security leaders recognise the ability of the cloud to offer more security benefits, and this possibly stems from general levels of trust in cloud providers to get the basics right and to make it easy for the consumer of those services to add their own security layered on top.

So where should businesses start? Here are four key considerations:

Gaining visibility into the network

Organisations are shifting IT resources to the public cloud such as Amazon Web Services, Microsoft Azure, Alibaba Cloud and Google Cloud at historic scale, driven by demands for greater capital efficiency, agility and scalability. Businesses need to understand that security in the cloud is not fully managed by either the customer or cloud provider; rather, it is a “shared responsibility model” where each party is responsible for different pieces.

The cloud provider is responsible for protecting the infrastructure that runs all the services offered in the cloud. This infrastructure is composed of the hardware, software, networking and facilities that run the cloud services.

The customer is responsible for security in the cloud, such as the management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, firewall or security group configuration.

To do so, businesses need to think about how they are protecting their data: Are their applications secure? Have they configured their firewall correctly? Have they managed identity and access correctly? Is their data is secure or is it being accessed by third parties? Failure to account for these responsibilities will create a greater risk of exposure and data exfiltration.

The first step to securing multi-cloud environments is gaining greater visibility at the network and application layer. This can be achieved with solutions such as Cisco Stealthwatch Cloud, which delivers security visibility for the public cloud, allowing organisations to detect abnormal behavior and threat activity, so they can quickly respond before a security incident becomes a devastating breach.

Protect SaaS apps as users bypass security perimeter

Users are increasingly self-selecting which apps to use anytime and anywhere. In today’s multi-cloud world, SaaS application usage is frequently a blind spot as independent applications running on an organisation’s hybrid and multi-cloud infrastructures are constantly evolving.

Attackers can compromise cloud identities, gain access to information stored in the cloud through excessive file shares and public data exposures, and create malicious applications that connect to users’ cloud identities by exploiting the Open Authorisation (OAuth) protocol.

Currently, the majority of datacentres are designed with traditional perimeter-only security, which is insufficient, especially as the datacentre has become a multi-cloud environment. Providing a secure infrastructure for hundreds or even thousands of applications without compromising agility requires a new, multi-dimensional approach. As applications move from an on-premise datacentre, to a private cloud and a public cloud, security has to move with them.

This is why an application-first security model allows organisations to gain insight and control through greater visibility, achieve compliance with software guardrails and reduce risk with advanced threat prevention and detection across the environment.

Optimise networking and security with segmentation

A Cisco study revealed that 63% of companies are adopting software-defined wide-area networking (SD-WAN), suggesting that they may be optimising their networks for cloud.

Today’s work environment allows employees to work from any device, anywhere and anytime. As remote users work directly in cloud apps, and as organisations enable applications and devices at branch sites to directly access the internet, they bypass the traditional centralised security perimeter. This exposes the branch and devices to all types of internet traffic, and in the process, increases the attack surface at the edge.

To solve the security and complexity problems at the cloud edge where networking, security and multi-cloud environments meet, Cisco is building security functionality into its SD-WAN software while boosting support for cloud services.

This extends branch segmentation into the datacentre and cloud by carrying the relevant identifying segmentation information to all relevant points in the network. By integrating security and networking into one platform, we are in a position to optimise and secure the network and deliver the traffic directly to the cloud provider in a simple and cost-effective way.

Balance threat detection with trust verification

By now we have established that we have users, devices and apps accessing the network like always but also accessing data beyond IT’s traditional control points.

Application access decisions are often happening off-network when mobile users go straight to cloud apps. So, while a strong security posture begins with continuous threat detection that blocks attacks and malware outright and also continuously detects and remediates the most advanced threats, it has to be coupled with continuously verifying trust. This trust-centric approach enforces controls around access to sensitive data and apps and verifies trust in users, workloads and IoT devices.

By keeping these four considerations top of mind, businesses can adopt the cloud with confidence and protect their users, data, and applications, anywhere they are.

August 16, 2019  6:09 AM

How C3M is easing multi-cloud management

Aaron Tan Aaron Tan Profile: Aaron Tan

Managing and securing access to multiple public cloud services can be a challenge for enterprises that are embarking on a multi-cloud strategy.

Besides making sure that only authorised members of the IT team are granted access to cloud services, there’s also a need to implement controls to prevent misconfiguration of resources that could have grave consequences, such as data leakages in the case of misconfigured Amazon S3 buckets.

Then, there’s also a slew of compliance and legal requirements that enterprises, especially in regulated industries, will need to comply with.

While there are various cloud security management tools in the market, San Francisco-based start-up C3M is making it easier for administrators to implement security, compliance and access controls across multiple public cloud services.

In a demo of C3M, which can also be deployed on the public cloud and on-premise, the company’s chief product officer Anil Kumar showed off the software’s user-friendly interface that makes it easy to keep track of the status and security of multiple cloud services on a single dashboard.

In the policy compliance module, for instance, administrators can quickly see which cloud service configurations do not comply with pre-set policies, delve into the actual configurations, such as how long the service has not been in compliance, and even remediate the issues automatically.

And through audit trails, administrators can identify when the last configuration was made, by whom, as well as the severity levels of non-compliant configurations.

For now, C3M supports major cloud services including Amazon Web Services, Google Cloud Platform and Microsoft Azure, with out-of-the-box security policies available for enterprises to enforce on public cloud services.

Kumar says administrators can also build custom policies if they like. This can be done easily using C3M’s query language in an explorer mode that lists various policy attributes that can be applied to a virtual machine, for example.

Aswin Unnikrishnan, C3M’s head of operations, says the company has received requests from channel partners for a cloud cost control module and is currently evaluating the option.

C3M also plans to support hybrid cloud environments that will enable enterprises to manage their private and public cloud environments through the same platform.

So far, the company counts some of the largest financial institutions as clients, including one in the US that was hacked years ago, according to Unnikrishnan. “We also have some smaller companies and software distributors in the UK as customers.”

C3M sells its software via a workload-based licensing model. It keeps track of the number of workloads its customers are managing through its platform, and the moment customers hit close to 90% of their licensed workloads, a reminder will be sent.

Unnikrishnan says some C3M customers manage as many as 100,000 workloads and claims that the company’s pricing strategy is disruptive. “It’s almost a third or a quarter of what the competition charges for similar features.”

August 2, 2019  7:22 AM

How International SOS is keeping up with the pulse of change

Aaron Tan Aaron Tan Profile: Aaron Tan

In just under three years, tech veteran Ramesh Munamarty has accomplished what some of his peers can only dream of – building an agile culture, shoring up the IT infrastructure and delivering impact for the business.

The group CIO of International SOS, which provides medical and travel security services, joined the company in October 2016 to drive three strategic imperatives: enterprise IT, digital transformation and business process optimisation.

Munamarty got down to work quickly, starting with the development of a digital platform that provides common services for different business units, in areas such as identity and access management, customer relationship management and application programming interfaces.

Serving as the foundation of International SOS’s digital transformation across the globe, the common platform also provides access to no-code productivity tools for automating workflows as well as a mobile development framework.

The mobile development framework, says Munamarty, has enabled country teams to develop mobile apps designed to serve their own markets. “This level of centralisation allowed a lot of progressive thinking in terms of the need to ensure we have enterprise-grade architecture,” he told Computer Weekly on the sidelines of the ConnectGov Leaders Summit 2019 in Edinburgh.

The other change that Munamarty spearheaded at International SOS was business process optimisation. “It’s not just the technology that’s important to drive the transformation – the processes had to be changed, along with having the mindset and culture of change.”

Munamarty started a separate team for business process innovation, comprising people who are well-versed in the Six Sigma methodology. The team conducted “value stream mapping” across different processes to identify inefficiencies before streamlining processes. This was important to avoid automating a bad process, he adds

“Disciplines such as enterprise architecture and business process innovation, as well as using data analytics to drive engineering teams into having a DevOps mentality and having a common engineering platform, were some of the key fundamentals,” Munamarty says.

But that was not all. As it was just as critical to secure buy-in from different lines of business on the company’s digital transformation efforts, representatives from the business units were engaged to serve as the liaison between business and IT.

These “business partners”, says Munamarty, report to him as well as to the CEO, helping the IT organisation to prioritise demand and navigate a complex organisational structure.

Munamarty also restructured infrastructure operations, transformed service desk functions, and has started to embark on hybrid cloud and software-defined networking strategies.

The transformation efforts are bearing fruit. International SOS is already seeing a double-digit growth in its revenues from digital products while the stability of its infrastructure has improved significantly.

July 26, 2019  5:55 AM

How Singapore’s SP Group is keeping pace with digital transformation

Aaron Tan Aaron Tan Profile: Aaron Tan

The increasing use of renewable energy, consumer expectations of digital services and market liberalisation are some of the forces that have been reshaping Singapore’s energy industry in recent years.

Faced with this disruption, SP Group, the country’s main energy supplier and power grid operator SP Group – formerly known as Singapore Power – has been embarking on a slew of initiatives to transform digitally.

A few years ago, it formed a digital business subsidiary called SP Digital to build “energy tech” products for industries such as marine engineering. Sembcorp Marine, for example, is using SP Digital’s products to monitor solar energy generation, and to optimise energy usage using artificial intelligence.

SP Digital has also launched a renewable energy certificates marketplace based on blockchain technology, as well as built a consumer engagement platform that lets residential customers track their energy usage, among other capabilities.

When SP Group’s nationwide electric vehicle charging network is ready by 2020, the engagement platform could also be used to deliver new capabilities for consumers, such as locating charging points and paying for the use of them.

The transformation at SP Group so far has been nothing short of impressive. SP Digital’s digital energy products have so far generated new revenue streams, putting the group in a better position to compete with young energy start-ups in a changing industry that’s brimming with innovation.

“The utility and energy world has always been about infrastructure behind the scenes, but things are changing,” SP Digital CEO Chang Sau Sheong told Computer Weekly on the sidelines of the 2019 ConnectGov Leaders Summit in Edinburgh.

“I was recently at the IEA (International Energy Agency) conference and you can see that sustainability and energy efficiency is so huge that there are lots of start-ups embarking on it. It’s no longer the old utilities industry.”

Chang rise to the helm of SP Digital was just as transformational. He took over from his predecessor who was running a team tasked with managing traditional IT and operational technology systems at SP Group.

After his predecessor left the firm, Chang was asked by the group CEO to spin off his team to form SP Digital, with its own profit-and-loss (P&L) account. That paved for way for Chang and his team to pursue new digital opportunities – and the rest is history.

July 5, 2019  8:12 AM

The blockchain effect: why businesses need to prepare employees

Aaron Tan Aaron Tan Profile: Aaron Tan

This is a guest post by Rosie Cairnes, regional director at Skillsoft ANZ

When most people hear the term blockchain, they immediately think of bitcoin, the most widely known of the hundreds of cryptocurrencies being traded online today. Bitcoin, a blockchain-based decentralised digital currency with no central bank or single administrator, made headlines in December 2017 when its value reached an all-time high of almost $20,000.

For the majority people, this may have been the first time they had seen or heard of blockchain technology – unless they had already stumbled over Netflix’s Banking on Bitcoin documentary.

While it is still very much in its infancy, blockchain is more than cryptocurrencies, and is poised to disrupt every industry.

Understanding blockchain

Blockchain is essentially the technology that provides a trusted decentralised ledger, which can be used to store data securely and independently verify transactions between parties. Think of it like one person trying to hold onto 50 marbles –  these could be easily stolen or dropped because one person can’t hold that many securely in their hands.

If instead they were divided among 50 people who were asked to take care of one marble, each marble would be more secure, because it’s easy for one person to hold one marble, and if someone tried to run away with theirs, the rest of the group would quickly see the culprit and stop them. In the same way, blockchain ‘shares’ responsibility for the data, so it’s better controlled and more secure.

In addition to digital currencies, blockchain has the potential to automate and streamline huge numbers of tasks and business processes. There are new applications and use cases popping up every day.  The technology is poised to transform how journalism is funded, change how we buy and sell property, and even reinvent employee management and HR.

And it’s not all blue-sky thinking. Numerous blockchain projects are well underway in large organisations.  More than 75 of the world’s largest banks have joined the Interbank Information Network, which uses blockchain technology to minimise friction in the global payments process.

A fundamental shift

We are at the dawn of a technological revolution. Blockchain, as well as a host of other fledgling technologies, such as artificial intelligence, machine learning and 5G, is poised to fundamentally change the makeup of the workforce.

Blockchain-based technologies will automate repetitive tasks, significantly speed up global data processes and replace a huge number of jobs. Research on the topic is limited – and predicting the future workforce landscape is difficult, if not impossible.

At a recent blockchain summit, the CEO of one of the industry’s best-funded startups estimated that blockchain could make 30% to 60% of current jobs redundant, simply by enabling people to share data securely with a common record.

To compete and thrive in the blockchain world, organisations need to apply fresh thinking to prepare their workforce for the coming changes. They will need to create new ways of working.

Preparing for change

While there is no shortage of programming roles when it comes to blockchain – and this demand is set to grow exponentially – many people without programming skills will need to prove their value in other ways, or face being replaced by increased automation.

The challenge for business leaders will be empowering their workforce and ensuring their employees are ready. Workers must be willing and able to embrace new and exciting roles. This will mean upskilling employees to use automation to augment their roles – rather than replace them – and explore more creative styles of working.

While it is difficult to predict what many of these new roles will look like – indeed, research from Dell recently predicted that 85% of 2030’s jobs do not even exist yet – it is likely they will involve employing uniquely ‘human’ attributes, such as creative thinking, leadership and adaptability.

Attracting and retaining the right talent will be crucial over the coming years, more so than ever before. But the key to long-term success for many businesses will be providing their people with the opportunities to transition into roles that are more skilled, value-based and rewarding.

This means ensuring employees have access to high-quality digital skills training, while also encouraging an organisation-wide culture of continuous learning and soft skills development.  Not only will this help employees prepare for the jobs of tomorrow, it will drive innovation within the organisation today.

June 27, 2019  9:15 AM

What Singapore consumers expect from 5G

Aaron Tan Aaron Tan Profile: Aaron Tan

While enterprises are expected to be one of the early beneficiaries of 5G networks that promise low-latency connectivity for driverless vehicles and factory machinery, consumer use cases of the technology have not been widely discussed.

Ericsson’s latest ConsumerLab study offers a glimpse on how Singapore consumers expect to benefit from 5G. According to the study, which involved interviews with 1,500 respondents in Singapore, more than half believe augmented reality (AR) glasses will become the norm by 2025.

They also expect to make use of the higher bandwidth of 5G networks to watch three hours more of video content, of which an hour will be spent on AR and virtual reality glasses. This will have cumulative effect on mobile data consumption which will grow to as much as 200GB per month by 2025.

Besides entertainment, Singapore consumers appear to be warming up to smart home solutions, with smart home sensors expected to be one of the top two applications for 5G, the other being 5G TV services.

And the good news, at least for telcos, is that Singapore consumers are willing to pay a 52% premium for 5G services.

That consumer expectations of 5G revolve around video and rich media content should come as no surprise and mirrors similar expectations of 4G networks when they were first launched.

The bigger takeaway from Ericsson’s study lies in the growing reception towards smart home offerings, which haven’t really taken off in a big way due in part to the disparate markets for home IoT devices.

Telcos looking to capitalise on the 5G-powered smart home trend will have to take up the systems integrator mantle – like what they’ve been doing for enterprise customers – and make it easy for consumers to use and manage smart home solutions.

Globally, Ericsson expects 5G coverage to reach at least 45% of the world’s population by the end of 2024, thanks to the use of spectrum sharing technology that lets telcos deploy 5G and 4G services using the same spectrum.

Device and chipset makers have already laid the groundwork for 5G devices, with smartphones for the main spectrum bands expected to hit the market over the course of this year. This will drive the global number of 5G subscriptions to more than 10 million by the end of 2019.

June 21, 2019  8:34 AM

Alibaba Cloud earns validation from Singapore banking association

Aaron Tan Aaron Tan Profile: Aaron Tan

Alibaba Cloud said it has become the first public cloud supplier in the industry to obtain the Outsourced Service Providers Audit Report (OSPAR) validation by the Association of Banks in Singapore (ABS) in February 2019.

The validation, designed to ease any compliance burden faced by financial firms that host and manage sensitive data through cloud and outsourcing service providers, is expected to lower compliance-related adoption barriers for Alibaba Cloud in Singapore.

To retain the validation, Alibaba Cloud will be subject to strict standards set by the ABS, which will appoint external auditors to conduct regular compliance reviews of its cloud services in areas such as physical and IT security, as well as workplace processes.

The OSPAR validation follows 70 other security and compliance accreditations that Alibaba Cloud has picked up globally, such as Germany’s Cloud Computing Compliance Controls Catalogue (C5) and the European Union’s General Data Protection Regulation (GDPR).

It also secured accreditations from the Trusted Cloud Competence Network in Denmark, the National Electronic Security Authority (Nesa) in the United Arab Emirates, and has a cross-regional value-added telecommunication services business licence in China.

Alibaba Cloud said it also carries out independent self-assessments and audits on existing risk controls in regions such as Hong Kong, so as to ensure its services and operations meet regulatory requirements and security and compliance guidelines of financial firms.

Larry Liu, international compliance lead for Alibaba Cloud, said securing OSPAR compliance “in one of the world’s premier financial hubs means our customers can divert more resources to revenue-generating activities, while knowing they have a trusted and reliable partner in us”.

Alibaba Cloud was recently named first in the Asia-Pacific market share for IaaS (infrastructure as a service) and IUS (infrastructure utility services) in two consecutive years by Gartner in its latest report on the region’s IT services market.

The Chinese cloud supplier has been aggressively expanding its footprint across the region, starting with its international headquarters in Singapore that it opened in 2015.

It currently operates 15 availability zones in Asia-Pacific outside China, including Hong Kong, Singapore, Australia, Malaysia, Indonesia, India and Japan. The company set up its second datacentre in Jakarta this year in in an effort to meet “strong customer demand” for its services in Indonesia.

May 31, 2019  4:36 AM

Alibaba Cloud to guide SMEs on doing business in China

Aaron Tan Aaron Tan Profile: Aaron Tan

Chinese cloud giant Alibaba Cloud has launched a global programme in Singapore to guide small and medium-sized enterprises (SMEs) in the city-state that are looking to expand their business into China.

Called the China Gateway Programme, the initiative, rolled out in collaboration with DBS Bank, a slew of government agencies as well as industry associations, is part of Alibaba Cloud’s efforts to court overseas businesses as it expands its global footprint.

By tapping Alibaba’s technological knowhow and experience that has enabled it to become a global e-commerce and technology giant, Singapore SMEs will be able to capture and capitalise on growth opportunities in Asia and China.

But more than just supplying SME participants with cloud computing services, Alibaba Cloud will provide firms of all sizes with an in-depth immersion programme on doing business in China, connecting them to Chinese companies and consumers via the Alibaba ecosystem.

Global enterprises that have benefited from the China Gateway Programme so far include Japanese cosmetics giant Shiseido, American automaker Ford and Italian cruise operator Costa Cruises.

“As the largest public cloud provider in Asia-Pacific, and our role as the data intelligence backbone of all business units in the Alibaba ecosystem from e-commerce to payments, logistics and supply chain management, we have the proven expertise and experience to help businesses grow,” said Selina Yuen, president of Alibaba Cloud Intelligence International.

“With the support of our partners here, we are confident of supporting local businesses of all sizes and from all backgrounds to grow beyond Singapore, especially into China’s market,” she added.

Alibaba Cloud was recently named first in the Asia-Pacific market share for IaaS (infrastructure-as-a-service) and IUS (infrastructure utility services) in two consecutive years by analyst firm Gartner in its latest report on the region’s IT services market.

The Chinese cloud supplier has been aggressively expanding its footprint across the region, starting with its international headquarters in Singapore that it opened in 2015.

It currently operates 15 availability zones in the region outside China, including Hong Kong, Singapore, Australia, Malaysia, Indonesia, India and Japan. The company set up its second datacentre in Jakarta this year.

May 9, 2019  7:17 PM

Will OpenShift 4 be a game-changer?

Aaron Tan Aaron Tan Profile: Aaron Tan

The hybrid cloud message rang loud and clear at Red Hat Summit 2019, with executives from the open source bigwig touting its wares to help enterprises run their workloads on-premise and on the cloud.

The key to Red Hat’s hybrid cloud play lies in OpenShift, its container platform based on Kubernetes, which lets developers provision containers, along with self-service provisioning of IT resources and automation capabilities.

Already being used by over 1,000 customers worldwide, including notable Asia-Pacific companies like Australia’s ANZ Bank and Hong Kong’s Cathay Pacific, OpenShift received another shot in the arm this week with Red Hat Enterprise Linux CoreOS, an embedded version of Red Hat Enterprise Linux acquired from Red Hat’s buyout of CoreOS last year.

While Red Hat has been integrating CoreOS capabilities into OpenShift since last year, including the ability to automate Kubernetes cluster upgrades over the air, the latest CoreOS enhancement in OpenShift 4 will provide more choices for enterprises to deploy enterprise-grade Kubernetes by offering a lightweight, fully immutable, container-optimised Linux distro.

For some years now, Red Hat has been doing some interesting work around Operators, a method of packaging, managing and deploying software as Kubernetes applications. With OpenShift 4, Red Hat has introduced Operator certification to deliver a trusted ecosystem of enterprise applications with consistent packaging, deployment and lifecycle management across all OpenShift footprints.

OpenShift 4 also comes with OperatorHub, where enterprises can try out Operators, or Kubernetes applications, at various maturity levels. Red Hat said this will help to “foster iterative software development and deployment as developers get self-service access to popular components like databases, message queues or tracing in a managed-service fashion on the platform”.

To ease application development processes, OpenShift 4 will include a developer preview of Knative for building serverless applications. By providing autoscaling, in-cluster builds and event frameworks for developing cloud-native applications on Kubernetes, Knative enables developers to focus on writing code by hiding complex parts of building, deploying and managing applications.

Also on the serverless front, Red Hat partnered with Microsoft to allow developers to tap Azure’s serverless functions in OpenShift through their joint Keda (Kubernetes-based event-driven autoscaling) initiative. This is expected to drive greater use of serverless computing and increase Microsoft’s visibility among developers in the growing function-as-a-service market.

A key hallmark of OpenShift and Red Hat Enterprise Linux is portability across different environments, whether it’s on the public cloud, on-premise or hybrid cloud. In the coming months, OpenShift 4 will debut on major public cloud services including Alibaba Cloud, Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure, as well as private cloud technologies like OpenStack, virtualisation platforms and bare-metal servers.

Whether OpenShift 4 will be a game-changer amid growing competition between Kubernetes distributions remains to be seen. But going by the feedback from industry watchers, Red Hat appears to be headed in the right direction.

Noting that Red Hat’s approach to enterprise Kubernetes is well-aligned with enterprise requirements, Jay Lyman, principal analyst for cloud native and DevOps at 451 Research, said OpenShift continues to be a top Kubernetes product in the market that simplifies central administration of Kubernetes clusters, environments and users.

To Al Gillen, IDC’s group vice president for software development and open source, OpenShift 4 offers the portability enterprises are asking for “in a package that brings substantive improvements in automating deployment and simplifying operation, which ultimately makes innovation easier.”

Will Red Hat OpenShift 4 be a game-changer? Tell us more in the comments!

Red Hat commissioned TechTarget APAC to cover Red Hat Summit 2019 in Boston. The above content was not reviewed or influenced prior to publication.

May 8, 2019  11:00 AM

How APAC firms are using open source software

Aaron Tan Aaron Tan Profile: Aaron Tan

Open source software has evolved from providing low-cost alternatives to proprietary offerings to a platform for innovation.

Most recent developments in cloud computing and software development, such as Kubernetes in the case of containers, for example, are first happening in open source.

Indeed, users of open source software at Red Hat Summit 2019 are embracing the technology not only to save costs, but also to tap new capabilities to solve business problems.

In the case of South Korea’s Lotte Card, the use of OpenShift has enabled the credit card company to keep up with the growing number of transactions over the years, said Jeong-hwan Kim, vice-president and CIO of Lotte Card.

Lotte Card boasts nine million customers and processes an average of three million transactions a day.

Kim said by moving its core systems to OpenShift, Lotte Card has not only improved transaction performance by 10 times and reduced costs by 10%, it is also able to deliver personalised marketing messages for customers using big data.

To DBS, Southeast Asia’s largest bank, open source software is a key to its digital transformation efforts.

Its group CIO David Gledhill noted that as DBS transforms itself to become a technology company, it has to harness the same open source technologies that are being used by hyper-scale companies such as Facebook, Google and Netflix, just to name a few.

DBS’s datacentres, for example, are designed based on Facebook’s open source datacentre blueprint. The bank also uses Netflix’s Chaos Monkey resiliency tool to expose its engineers to failures more frequently, so as to incentivise them to build more resilient services.

Gledhill, however, stressed that these tools are only used for testing and development rather than on production systems.

That’s where Red Hat’s OpenShift, which offers enterprise-grade support, comes in. Gledhill said the use of OpenShift for production systems has resulted in cost savings of as much as 80%, as well as improved DBS’s time-to-market by 10 times.

The situation is similar at Spark NZ, a telco in New Zealand that has moved its integration services from IBM Websphere to Red Hat OpenShift in an effort to improve operations and customer service.

Spark NZ’s general manager for IT applications Niall Fitzgerald said the lift-and-shift effort has enabled the company to deploy application changes quickly without outages, as well as put in place automation and continuous integration and continuous delivery (CI/CD) capabilities.

Red Hat commissioned TechTarget APAC to cover Red Hat Summit 2019 in Boston. The above content was not reviewed or influenced prior to publication.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: