Categories
Computers & Software Professional Services Technology World

Help Net Security Discusses How Passive Cybersecurity Awareness Training Might Not Be Enough Anymore

There was an article on Help Net Security that claims that the era of passive cybersecurity training is over. The article discusses how, despite people realising the need for improved cybersecurity, there are still vulnerabilities that leave businesses exposed to cyber threats.

The aforementioned statement is based on the key findings of a survey conducted by Action1. These are presented here:

Breaches Due to Known Vulnerabilities

The survey found that 10% of the respondents had suffered from a cyber attack in the past year. And, out of them, 47% were through known security vulnerabilities.

49% of the respondents said phishing was the most common attack vector, and over half (54%) reported they lost control of their data due to ransomware attacks.

Lack of Support from Executive Teams

Several IT teams reported that they didn’t receive adequate support for cybersecurity initiatives from upper management. That, according to them, has been a critical threat to the business’s cybersecurity posture.

The teams also reported that they often were too busy with operational issues to be able to adequately take care of cybersecurity.

Inadequate Response Time and Remediation Efforts

According to the respondents, the time taken to identify vulnerabilities, failure to prioritise security issues, and the delays in remediating known vulnerabilities might cost their companies in security breaches.

Not Enough Cybersecurity Awareness Amongst Employees

The survey reported that employees need more time to improve their cybersecurity awareness. That means organisations are more at risk through phishing and other cyber attacks.

Based on these findings, what can businesses do to reduce their risk of cyber threats?

Manage Security Vulnerabilities Better

Since known vulnerabilities are often the ones exploited by threat actors, it is essential for businesses to manage and patch these flaws as soon as possible.

Use Automation to Reduce Cybersecurity Costs

Executive teams might not see any direct benefits of spending on cybersecurity, even though a cyber attack can end up costing the business a lot. However, IT security teams can use automation to lower their costs. This can be useful in arguing their case for a stronger cybersecurity posture.

Improving Cybersecurity Awareness

Since any cybersecurity strategy is only as strong as its weakest link—the employees—it is imperative that they are educated on the threats they might face and how to tackle them.

Communication channels are the preferred mode of social engineering attacks. Data stolen from other sources can be used to customise messages to make them more personalised and appear trustworthy.

With such attacks on the rise, employees should not only be equipped to identify phishing attacks but to also understand the importance of verifying before trusting.

Moreover, threat actors are now also using AI to generate malware, which, depending on how it’s used, might be more sophisticated than the average, run-of-the-mill computer virus.

In other words, businesses need to reduce their reliance on passive cybersecurity training.

Luckily, instead of a six-hour training session, which will be forgotten within the week, there are tools to help with ongoing training and monitoring. One such tool is CultureAI—a platform that helps “improve cybersecurity behaviours and reduce security incidents caused by employees”. 

The platform offers human risk monitoring, security awareness coaching, employee security empowerment, and human risk response.

This platform can help alleviate some of the problems faced by businesses, such as poor cybersecurity awareness among employees, lack of knowledge on how to deal with potential risks, and what to do when an employee is at risk.

Categories
Computers & Software Professional Services Technology

Can Digital Transformation Make the Life Insurance Industry More Empathetic?

Life insurance is one of those things that regular people don’t fully understand. Calculating premiums is a complex task that takes various factors into account. Then there are different types of life insurance policies, which makes it difficult for someone to choose from. Then there are the anecdotal reports of people not getting a payout because they didn’t have enough coverage.

The thing is, if the beneficiary is making a claim on a life insurance policy due to the death of the policyholder, it’s already a sensitive time for them. If they are told they are not eligible for a payout at that time, it can affect their perception of the company.

And, it will definitely affect how other people close to them view the insurance company.

At the same time, insurance companies have to follow rules as well. They have to ensure that the terms of the policy are being met. 

This conundrum has led to people not trusting insurance companies and “keeping their distance”.

However, there is an unlikely mediator who could help the industry build a better relationship with customers.

The Use of Technology in the Insurance Business

This author has already discussed the benefits of the insurance industry using AI to deliver a better experience to customers. However, digital transformation can be used to improve user experience across the board for all customers.

In fact, insurance software provider, Zinnia, has said that life insurance quoting software products is not the only way to keep customers happy. 

The key is to provide great customer service throughout the process.

The best part is, technology can also make insurance companies show more empathy to clients. 

However, building a relationship starts much earlier than that stage, so here’s how technology can make life easier for customers.

Demystifying the Onboarding Process

This article touched upon how the initial stages of purchasing a life insurance policy are so complicated that they put people off. 

Technology is already making this phase easier through automation.

Insurance companies are leveraging technology to allow potential customers to register themselves quickly and easily. They no longer need to navigate through complex options.

Optimising Customer Communications

With the rise of AI chatbots, insurance companies no longer need humans manning phones. Well, they do, but a vast majority of queries can be answered using automated responses.

In fact, if companies invest in consolidating their customer data, the customer can communicate with the company through any channel of their choice without it being disjointed.

Technology can also be harnessed to customise the user’s profile so they get marketing communications tailored to their needs. That means they get offers and promotions that are relevant to them, and not what they’d consider spam.

Humanising Payouts

As mentioned earlier, when beneficiaries make a claim on a life insurance policy, they are already going through a difficult time. The post-death processes of a loved one can take an average of 420 hours across months.

It makes no sense to make them jump through hoops when they and their families are already grieving.

Using technology, companies have made it easier for claimants to file claims digitally. Others are going the extra mile by using technology to provide support to grieving families. These include grief counselling, funeral assistance, and logistical as well as emotional support.

The Tech–Human Balance

Whilst technology can be an excellent tool, it can never replace the human touch. Insurance companies can use automation and AI to streamline their processes, but empathy has to come from the people. 

However, digital transformation can be very useful in making the lives of their customers easier. That, in turn, will help mitigate some of the “bad press” the insurance business gets. And, eventually, it might even help these companies build stronger relationships with their customers.

Categories
Computers & Software Shopping & Deal Technology

Top 10 Antivirus Site Announces Latest Rankings for 2023

New York, NY, 03.23.2023 – Top 10 Antivirus Site, the newest and most reliable online platform for antivirus reviews and recommendations, has officially launched. The site is dedicated to providing users with the best antivirus software solutions available on the market. With cyber threats on the rise and more people working remotely, the need for reliable antivirus software is more important than ever before.

The site provides detailed reviews of the top 10 antivirus software programs, giving users a comprehensive guide on the features, pros, and cons of each program. The site also features a comparison tool that allows users to easily compare the various antivirus programs side-by-side, making it easier for them to choose the best option for their needs.

“As cybersecurity threats continue to increase, it is important for everyone to have the best possible protection against them,” said Franck Manroe, founder of Top 10 Antivirus Site. “Our site is dedicated to making it easier for users to find the most reliable and efficient antivirus software on the market. We’ve done all the research so you don’t have to.”

The site’s team of experts has tested and reviewed each antivirus program extensively, ensuring that the information provided is accurate and reliable. The site also provides users with the latest news and updates on cybersecurity threats, ensuring that they are always up-to-date on the latest trends and developments in the industry.

Top 10 Antivirus Site is committed to providing users with the best possible service and support. The site’s team of experts is available around-the-clock to answer any questions and provide assistance to users who may need it.

For more information on Top 10 Antivirus Site, please visit the site at Top 10 Antivirus. Stay safe online with the best antivirus software programs available on the market.

Categories
Computers & Software Energy & Environment Leisure Activities Technology U.K

Energy Efficiency: Re-Using Heat From Data Centres to Heat Up Public Swimming Pools

The rising energy prices in the UK have affected not just households but also businesses. Data centres, for example, require a lot of energy to keep their computers cool. The cost of running air conditioning for these can be astronomical.

Similarly, public swimming pools require energy to keep the water warm enough to swim in. Maintaining a steady 30 degrees C means an energy bill can cost thousands. And, with the anticipated increase in heating costs, leisure centres are expecting to pay £100,000 more this year.

However, someone noticed the opposing requirements of these two entities and figured why not get them to help each other out.

But, why do data centres need help? 

One can see how the heating cost is a factor for public pools. In fact, BBC News reported that 65 pools have closed down since 2019, with rising costs being listed as a significant factor. But data centres?

The Problem Data Centres Face

Cloud computing and digital transformation have meant that the need for data centres has grown exponentially. Microsoft, Google, and Amazon Web Services need more data centres in the UK. 

However, they face the likelihood of being hit with sustainability-related regulations to keep them out of certain parts of London. Some of these regulations might limit the amount of power they consume and mandate how they reuse heat.

These regulations will mean data centres might have to either scale back their expansion plans or look into newer ways of energy efficiency and heat capture.

Swimming Pools to the Rescue

The founder of tech startup, Deep Green, Mark Bjornsgaard, came up with the idea of using small data centres as “digital boilers” for swimming pools. He provided a small, washing-machine-sized data centre to the Exmouth Leisure Centre.

The “digital boiler” is made up of computers housed inside a white box, which is surrounded by oil. The oil absorbs the heat generated by the servers and then it’s pumped into the heat exchanger, where the absorbed heat is transferred to the water.

The cooled oil is sent back into the boiler to continue the heat transfer process.

This system has provided around 60% of the heating required for the pool. And, it’s been so successful that up to 20 public pools might adopt this heating system this year. 

The best part is, this system is free for the pools. As mentioned above, data centres need to demonstrate sustainability, whilst also keeping servers cool. The data centre installed in the Exmouth Leisure Centre pool has been provided free of charge.

What’s more, Bjornsgaard also refunded them the electricity cost of running the server.

Is This the Heating Solution of the Future?

As the need for more data centres grows, there is a possibility that, at some point in the future, people could house (pun intended!) data centres in their homes as “digital boilers”. However, for now, people still need to rely on traditional boilers to heat their homes. 

Of course, as heating costs rise, regular maintenance and repair of boilers (by reliable service providers, like Mulgas Boiler Care Specialists) will help keep homes energy efficient for now.

In the future, however, it is entirely possible that when boilers act up, homeowners might need to call a server repair technician.

Categories
Business Computers & Software Technology U.K

Vulnerability Management 101 for Businesses That Care About Cybersecurity

Businesses, both small and large, rely on technology. That means using computers (and other devices), apps, software, and, of course, a connection to the internet.

And, as technology becomes more sophisticated, it also falls prey to misconfiguration and vulnerabilities. 

These, in turn, can leave the business open to cyber attacks, leading to data breaches or loss control of assets.

That’s why vulnerability management is so essential.

What Is Vulnerability Management?

“Vulnerability management” refers to an integral part of cybersecurity management. It’s a task periodically carried out to identify, evaluate, remediate/mitigate, and report any potential weaknesses in a business’ network, system, infrastructure, or endpoints.

It forms a part of an overall strategy where cybersecurity is maintained by constantly evaluating risk and finding points that threat actors could use to gain access. Once these weak points are identified, the threat can be assessed and patch implementation carried out.

The reason why vulnerability management is essential is that it can help businesses reduce the avenues a threat actor has to get into the data and network of the company.

How Does Vulnerability Management Work?

As stated previously, vulnerability management is a process where a business scans its systems and network for exploitable weaknesses. It generates a list of potential “problem areas”.

These are then assessed and given a priority ranking. This ranking helps business team identify issues that need fixing first.

Since the process is periodic and ongoing, businesses can monitor all its digital assets to ensure your data stays safe.

What Is the Vulnerability Management Process?

The Vulnerability Management Policy

As with anything else in a business, vulnerability management starts with a plan. Here’s what security teams need to map out:

Prepare the vulnerability management policy: Once created, the policy should be shared with other stakeholders to get their input before proceeding further.

Create a priority system: certain systems might not require as much security as others. By creating a priority list, teams can focus on the important parts whilst giving others slightly less, but adequate, attention.

Factor in the industry- and region-specific regulations: Certain industries have to follow regulations and policies specific to the work they do. Certain regions might have more stringent regulations around cybersecurity and data protection.

Train cybersecurity and vulnerability management stakeholders: Whilst it is important that everyone in the organisation is trained on cyber secure behaviour, certain people would have to take on extra responsibilities. 

For example, security officers, cybersecurity or vulnerability engineers, asset and data owners, managed security service providers (MSSPs), and other business leaders. For a smoother operation, these people should know their roles and responsibilities in the vulnerability management process.

The Vulnerability Management Process

Once the policy is drafted and in place, teams can start implementing it. The vulnerability management lifecycle can be broken down into the following steps (bear in mind, all of these steps have to be repeated regularly if you want to stay on top of threats):

Finding out the vulnerabilities: Identifying vulnerabilities in a business’ networks, systems, and IT assets can be done through vulnerability scanning (an automated process that identifies and reports exploitable weaknesses) or penetration testing (a mock attack carried out by a person who uses any weak points they find to “attack” a system like a hacker would).

Evaluating and prioritising vulnerabilities: Once there’s a list of vulnerabilities, a business doesn’t just start fixing them in any order. They need to be assessed and prioritised in order of how likely they are to be exploited and how much damage the threat actor can do through them. 

It is entirely possible that there’s a vulnerability that doesn’t actually pose any threat to an organisation. That’s why they need assessing and prioritising, so serious weaknesses are dealt with first.

Remediating and mitigating: Once a team knows which vulnerabilities they need to deal with and in what order, they can start the process of fixing them. Some can be fixed with vulnerability patches. Others might not be fixable, and may require mitigation instead.

Assessing if the fixes worked: If a team doesn’t test its solutions, it won’t know whether they worked or not. This process might require additional scanning or penetration testing. That way, businesses can definitively determine if the remediation and mitigation worked.

Documenting and reporting: The team will need to document any vulnerabilities discovered as well as the steps taken towards their resolution. Of course, if there are a different sets of reports coming in from processes like scans, pen testing, or other such activities, it might help to have them all in one place. 

Leading cybersecurity service provider, DigitalXRAID, recently launched a one-of-a-kind portal that “allows a company’s cybersecurity measures to be viewed from a single source and enables greater collaboration across the business.” 

This portal, called OrbitalX, enables businesses to create bespoke and automated reports to provide clients with “a holistic overview and better visibility of [their] cybersecurity posture and risk.”

Reassess the cybersecurity framework from time to time: Cyber threats continue to evolve. To keep up with them, the cybersecurity industry keeps developing new methods and tools for protecting data. 

A business has to keep up with both the potential threats and the available solutions in order to be truly protected. The best way of doing so is by periodically reassessing the cybersecurity framework.

Categories
Computers & Software Marketing & Sales Technology U.K Website & Blog

Gartner’s Report Discusses Four Market Trends for IT Companies in 2023

Gartner recently released a report on the four ways the technology market will change for IT companies in 2023.

According to the report, there are nine trends that would affect tech vendors but only four of them are “new” trends. The nine trends have been classified into three categories:

Increased reliance on tech

  • Federated enterprise tech buying
  • Co-innovation ecosystems
  • Democratisation of tech
  • Product-led growth

Opportunities through new tech

  • Digital marketplaces
  • Intelligent applications
  • Marketing and CX with metaverse tech

Impact of macro forces

  • Sustainable business
  • Techno-nationalism

Of these nine, the report focuses on:

  • More federated enterprise tech buying
  • The increase in product-led growth strategies
  • The rise of digital marketplaces
  • Metaverse technologies incorporated into marketing and CX

Important Tech Trends in 2023

More Federated Enterprise Tech Buying

In a survey conducted in 2022, Gartner found that “67% of enterprise IT decision-makers are not in IT”. 

According to the report, as more and more decisions are made by non-technical stakeholders, buying the latest technology becomes less important than the outcomes and value businesses get out of them.

To use this trend optimally, Gartner recommends that businesses:

  • Shift their marketing strategy to focus on customer-oriented value rather than technology-based scenarios
  • Use their Ideal Customer Profile (ICP) to understand the buying behaviour of the target audience, and leverage that information to maximise better quality and successful deals
  • Guide clients who aren’t tech-educated to make better, more informed decisions

Increase in Product-Led Growth Strategies

Product-Led Growth (PLG) is a strategy where the product is used to give potential customers a taste of how it could add value to their processes. This happens before there is any sales talk.

According to Gartner, this trend is going to pick up so rapidly that PLG will become an accepted market practice by 90% of SaaS businesses in 2025. Considering that only 58% of businesses currently use this practice, that’s quite a steep rise.

Under this strategy, customers will enjoy “self-service product experiences”. The signals gathered from these would be used to create “sales-driven conversions and expansion plays”.

This strategy can offer a rapid growth pattern. However, it requires more thought than simply introducing a free version of the product and hoping it’ll lead to sales.

In order to be successful, the PLG strategy requires buyer awareness marketing as well as onboarding. Customers have to be provided with the right guidance and support. Finally, it requires a data-driven, at-scale strategy for conversion and expansion.

Of course, the entire strategy would rely on a product with an intuitive user experience, easy or quick onboarding, and the ability to quickly demonstrate value to customers.

Rise of Digital Marketplaces

Tech buyers, especially non-tech ones, are increasingly looking at digital marketplaces for buying “composable and easily consumable solutions”. 

Gartner predicts that, by 2026, all major application service providers and cloud platforms will offer customers composable solutions. These will be differentiated by “quality, convenience, and security”.

In order to make the most of this trend, businesses would need to:

  • Identify which marketplace channel works best, based on their solution fit and the preferences of their potential customers
  • Understand that their customer base is shifting to a non-tech one, which means they might need to tweak their marketing strategy
  • Realise that they’re part of a marketplace for the benefit of their customers, so join marketplaces based on their suitability, or launch their own

More Metaverse Technology in Marketing and CX

Metaverse—described as “a collective virtual shared space”—represents various technologies. These include virtual reality (VR), augmented reality, (AR), flexible work styles, head-mounted displays (HMDs), AR cloud, internet of things (IoT), 5G, artificial intelligence (AI), and spatial computing.

(Take a look at how AI is going to disrupt digital marketing as well!)

These technologies are being used as marketing tools to generate engagement through unique experiences and memorable interactions.

Of course, since most of these technologies are quite new, it is up to businesses to determine which ones work for them and when they need to implement them. Businesses would need to evaluate how viable they are and invest in a strategy for continuous evaluation as they continue to evolve.

The trends discussed by Gartner might mean businesses will have to rethink (or at least gently tweak) their tech marketing strategy to capitalise on these. Of course, there are specialist software marketing agencies, like Geeky Tech, that could help.

However, the fact remains that we are witnessing a moment in history where a paradigm shift might be approaching. How businesses use the information from this report might be what differentiates them from their competitors.

Categories
Business Computers & Software Services Technology U.K

The Role of Cloud Data Lakehouses in Machine Learning and Deep Learning

Before one can understand the role of cloud data lakehouses in machine learning and deep learning, one needs to know what machine learning and deep learning actually are.

Anyone vaguely interested in artificial intelligence (AI) might have come across these two terms before. Contrary to some confusion, these terms aren’t interchangeable (despite both having something to do with learning). For anyone interested, here’s an article that discusses the difference between machine learning and deep learning.

It’ll clarify why structured, unstructured, and semi-structured data are all so important in artificial intelligence.

What’s the Difference Between Machine Learning & Deep Learning?

To understand how ML and deep learning differ, people first need to understand what these two types of learning are.

What Is Machine Learning?

Machine learning is the process of teaching computers to make decisions and predictions based on a bunch of rules. These include simple if-then logic, using mathematical equations, and neural network architecture.

The algorithms used to teach computers through ML generally rely on structured data.

What Is Deep Learning?

Deep learning is a process of teaching computers in a manner similar to how humans learn. Instead of using structured data with structured rules, this process uses unstructured data. Obviously, this type of learning takes longer and requires specialised AI learning processors.

Deep learning is used for AI that has to mimic human-like decision-making processes; eg., Natural Language Processing (NLP), software for self-driving vehicles, and image recognition software.

So, to summarise, machine learning is a structured learning model that takes less time, whilst deep learning is a more organic learning system, which takes longer, is more complicated, and requires complex hardware.

Machine learning is useful for solving simpler, linear problems, like classification, regression, dimensionality reduction, and clustering.

Deep learning, on the other hand, is used for solving more complex problems, where human-like thinking and processing might be required. These include image and speech recognition, AI game bots, NLP, and autonomous systems.

Structured Data vs. Unstructured Data vs. Semi-Structured Data

So, now that we know what machine learning and deep learning are, let’s move on to structured and unstructured data. As we just saw, both have a role in the development of AI. Here is the difference between the two.

Structured Data

Structured data, as the name suggests, is, well… structured. It follows a standard format and can be worked on directly. If you’ve ever worked with an Excel spreadsheet, with the information neatly organised in cells and tables, you’ve encountered structured data.

Such data is easy to store, access, and process, because it’s all so well organised.

Unstructured Data

Unlike structured data, unstructured data cannot be organised as easily. It doesn’t follow a standard format and each item in the database could have different properties. Examples of unstructured data include images, video files, audio files, social media posts, or behavioural data.

Since this data is so varied, it cannot be organised into neat little compartments. As a result, it needs more storage space and it can be slightly difficult to retrieve.

Semi-Structured Data

This type of data, whilst largely unstructured, does have some organisational logic to it. In fact, some people argue that there is no true unstructured data. Even an image will have some meta-data included, which can be used to retrieve it.

However, unlike structured data, semi-structured data too requires more storage.

This brings us to cloud data lakehouses.

What Is a Cloud Data Lakehouse?

When you want to store clean, organised structured data, you use data warehouses. These are ideal for business intelligence data. 

On the other hand, if you want to store unstructured data and semi-structured data, you want data lakes. These types of data can’t be housed in neat, logical data warehouses.

But, having two types of storage for structured and unstructured data means you cannot derive benefits from both. That’s where a data lakehouse enters the picture.

A data lakehouse combines the logical, analytical storage of a warehouse with the flexibility of a data lake—ideal for an artificial intelligence model which uses both deep learning and machine learning.

Whilst a data warehouse is simple in structure, the data lakehouse architecture is largely dependent on your business’s needs. You might need an expert, like Agile Solutions, to help you design a bespoke solution.

However, having a cloud data lakehouse can be an important resource if you want to make the most of the data—both structured and unstructured—that your company owns.

Categories
Business Computers & Software Technology U.K U.S

Microsoft Introduces Closed Captions in PowerPoint Live for Teams Meetings; Presentations Expected to be More Accessible

Microsoft has reportedly rolled out the coveted Closed Caption feature in PowerPoint Live for Microsoft Teams meetings. 

Announcing the release on March 6th, 2023, Microsoft said that with this new feature, users seeking to make their presentations more accessible to a larger audience can add closed captions to any video file embedded in a PowerPoint slide. 

The new feature is currently available in PowerPoint for Mac and Windows operating systems, reported Commercial INTEGRATOR

Details of the Closed Caption Feature

Microsoft expects this new feature in Microsoft Teams to help people with language barriers or hearing impairments to participate in the meetings. Participants with issues in processing auditory information, or attending a meeting from a loud place can also benefit from the feature.  

Now, while in a Microsoft Team meeting, they won’t face difficulties comprehending the audio components of the video content embedded in a PowerPoint presentation being shared via PowerPoint Live. 

“Closed captions make PowerPoint presentations more accessible and benefit everyone who watches videos, especially those watching videos in their non-native language, people learning to read, and individuals who are deaf or hard of hearing,” said Microsoft in one of its Tech Community posts.

Additionally, meeting attendees can also activate or deactivate captions for any video project containing a closed captions file.

Once activated, attendees can find the Closed Caption feature at the bottom of their PowerPoint slides. Microsoft confirms the new addition, when turned on by a specific meeting attendee in the Teams, will not distract others.

Adding Closed Captions

In its Tech Community post, Microsoft has broken down the process of adding closed captions to video content included in a PowerPoint presentation:

  1. Open the required PowerPoint slide with the video content
  2. Select the video and click Insert Captions from the Playback tab
  3. Choose the WebVTT file or files to be added to the selected video content from the Insert Captions dialog box
  4. Click Insert Caption to add closed captions

When this PowerPoint presentation with closed captions is shared using PowerPoint Live in Microsoft Teams, the Closed Caption feature will automatically appear for all meeting attendees. 

To turn on closed captions, attendees need to:

  1. Press the Closed Captions options on the video player in the PowerPoint Live presentation
  2. Pick the language from the dropdown list

“Once turned on, the video closed captions will appear at the bottom of the slide for only the individual attendee, empowering each attendee to choose the closed captions setting that’s best for them without distracting other attendees who may prefer to have closed captions turned off,” explained Microsoft in the Tech Community post. “When no closed captions are available for a video, the closed captions button will be unavailable for participants to select.”

Turbocharge Your PowerPoint Presentation

With more than 500 million users worldwide, Microsoft PowerPoint seems like the obvious choice for many when it comes to creating business presentations.

However, with so much clicking, formatting, and manual calculations, creating a professional-looking presentation in PowerPoint becomes a time-intensive, cumbersome task. 

For users looking to create a great-looking presentation with stunning charts, using a high-end PowerPoint add-in like think-cell is a sensible decision.

A high-quality add-in fully integrates into Microsoft office 365 and helps users impress the audience while significantly saving them time.

Wrapping Up

Microsoft stated that the Closed Caption feature is “just a beginning.” The company is committed to delivering proactive and pleasant Teams meeting experience to attendees with hearing impairments.

Categories
Computers & Software Technology U.K U.S

Atlassian Patches Critical Severity Authentication Vulnerability in Jira Software; Admins are Urged to Upgrade Their Installations

Atlassian has reportedly released multiple fixes to patch a critical severity authentication vulnerability in its powerful ITSM tool—Jira Service Management Server and Data Center.

Jira Service Management Server and Jira Service Management Data Center run on top of Jira Core and enable future-focused enterprises to connect Dev, IT Ops, and business teams to boost productivity.

Breaking Down the Vulnerability

The broken authentication issue was detected in version 5.3.0, thus affecting all subsequent Jira software versions—from 5.3.0 to 5.3.1 and 5.4.0 to 5.5.0. 

Publishing an advisory, Atlassian underscored the flaw as a ‘critical severity’ authentication flaw based on the company’s specific severity code. Tracked as CVE-2023-22501, this authentication bug is rated with a CVSS score of 9.4 by the company. 

This authentication bug, if unpatched, could be exploited by threat actors to impersonate authentic users and in specific cases, infiltrate Jira Service Management instances, according to Infosecurity Magazine (reported by PERTI).

“With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to sign-up tokens sent to users with accounts that have never been logged into,” the company explained in its advisory.

“Access to these tokens can be obtained in two cases: If the attacker is included on Jira issues or requests with these users, or if the attacker is forwarded or otherwise gains access to emails containing a ‘View Request’ link from these users,” Atlassian explained.

Once the vulnerability is exploited and followed by a password change, no email notifying the change is sent to the account owner, which makes the detection of the account compromisation really tough. 

In the advisory, Atlassian warned users that the bot accounts are more likely to fall prey to attackers.

Until most recently, this authentication bypass issue has not been exploited maliciously in the wild. 

Atlassian Urges Admins to Upgrade Their Jira Software

As part of its effort to help admins address the vulnerability, Atlassian, in the above-mentioned directory, has declared the release of patches for Jira versions 5.3.3, 5.4.2, 5.5.1, 5.6.0, and later. 

The productivity software giant has urged admins to upgrade to the latest fixed versions of the software to mitigate the authentication flaw before attackers can hold sway over their accounts. 

However, for users who cannot upgrade their installations immediately, Atlassian has offered a temporary workaround solution. Atlassian has provided users with a JAR file that can be used to manually update the “service desk-variable-substitution-plugin.” 

Admins opting for the latest upgrades can get notified of which accounts had been compromised since deploying the older version.

However, upgrading a software instance is highly disruptive and involves intricate steps. For businesses seeking a smooth upgrade to the latest Jira versions, investing in a high-end Atlassian consultancy service like Automation Consultants is a sensible decision. 

By executing periodic security audits of Atlassian products like Jira, Bitbucket, and Confluence, a class-leading consultancy service with Atlassian experts can help teams evaluate the security posture of their Atlassian stack.

Atlassian suggests admins force a password reset on all potentially compromised accounts, for which confirming their email addresses is imperative. 

The company recommends users disconnect and shut down the breached server upon detecting a vulnerability in order to limit its extent. 

The company confirmed Jira services hosted on Atlassian Cloud via the atlassian.net domain were not impacted by the vulnerability. 

Categories
Computers & Software Manufacturing & Industry Technology U.S

Luminate Capital Partners Makes Strategic Growth Investment in Ease, Inc.

SAN CLEMENTE and SAN FRANCISCO – March 14, 2023 – Luminate Capital Partners, a private equity firm focused on enterprise software, announced last week a majority-stake growth investment in Ease, Inc. (“Ease”), a leader in manufacturing plant floor audit software.  

Luminate’s investment will help Ease expand its leadership position in the manufacturing software sector by accelerating new product development, innovation, and other key growth initiatives.  

The EASE plant floor audit SaaS platform is purpose-built to serve the manufacturing industry. EASE harnesses the plant floor data, provides deep insights into manufacturing processes, and delivers immediate ROI for customers via higher productivity, improved quality and safety, and lower costs and defects. EASE is used in more than 40 countries and 20+ languages to conduct millions of audits every year and is trusted by hundreds of global enterprise customers from automotive to aerospace, electronics, medical devices, food & beverage, packaging and more. 

“Manufacturers are just embarking on their digital transformation journey and EASE is right at the center. We are transforming business critical audit processes and providing actionable insights in real time for all types of manufacturing,” said Eric Stoop, CEO of Ease. “Ease is proud to be able to work hand in hand with manufacturers to drive efficiency, increase quality and employee safety, and reduce risk. We are excited to start this next chapter with Luminate and leverage their extensive experience in scaling and driving growth through product expansion and innovation.” 

Dave Ulrich, Partner at Luminate, said, “Ease is addressing a large global opportunity. Their innovative platform helps manufacturers simplify how they administer, conduct, and respond to plant floor audits, a process still often done manually on paper. Ease’s platform delivers significant value to customers today and we believe through additional product investment there’s opportunity to offer even more.” 

“Ease has seen impressive growth in recent years,” added Chris Murphy, Operating Partner at Luminate. “We are excited to partner with the team to support their continued growth and success.” 

In connection with the investment, Hollie Haynes, Chris Murphy, and Dave Ulrich will join Eric Stoop on Ease’s Board of Directors. Spotlight Equity Partners, Ease’s previous majority shareholder, will retain a minority stake.  

Suken Shah, Co-Founder and Managing Partner at Spotlight said, “We have been impressed with the entire Luminate team and believe they are a great partner for Ease going forward. We look forward to collaborating with them to build on the company’s strong momentum.” 

Lincoln International provided M&A advisory services to the shareholders of Ease and legal advice was provided by McDermott Will & Emery. 

Kirkland & Ellis was legal advisor to Luminate.  

Terms of the transaction were not disclosed.  

About Ease 

Ease’s multi-tenant SaaS solution is built for manufacturers of all sizes. The solution automates manual and time-consuming plant floor audits, inspections, and data collection to digitize a historically manual, paper-based approach. Leading manufacturers in 40+ countries around the world, including Dana, Eaton, and 3M, trust Ease to automate plant floor audits and keep pace with manufacturing requirements. Founded in 1986, Ease is headquartered in San Clemente, California. For more information, please visit www.ease.io.

About Luminate Capital 

Luminate Capital Partners is a private equity firm investing in growth software companies, based in San Francisco. Luminate’s portfolio of market leaders has included Axonify, Conexiom, Compliance & Risks, StarCompliance, Quantivate, Thought Industries and Suralink. For more information, please visit www.luminatecapital.com.  

About Spotlight Equity Partners 

Spotlight Equity Partners is a private equity firm investing in enterprise software companies. Spotlight’s current portfolio of software companies includes ScaleGrid, Pharos, Nicus, cFive, SirsiDynix, and Identity Automation. For more information, please visit www.spotlightequity.com.  

Media Contact:  

For Ease: 

Andrea Walter 

Chief Marketing Officer 

Ease 

andrea.walter@ease.io 

For Luminate:

Chris Tofalli 

Chris Tofalli Public Relations, LLC

chris@tofallipr.com