Q&A with Vincent Avoseh

It’s time for a sit-down with another of our Somerville stars. This time we chat with Vincent Avoseh, Lead Engineer, Network Infrastructure, in our Connect pillar. He has been with us for over three years now, and was recently involved in our major Network Upgrade. Let’s find out a little more…

 

Q: Give us a high-level summary of the new Somerville National Network, and your role in the project: 

The new Somerville National Network is designed to increase the service offerings to customers across all sectors. It is implemented to deliver unique network experiences using the industry’s cutting-edge technologies. I was part of the design team and also lead the implementation.

Q: What was the biggest challenge you overcame working on the network upgrade?

Translating the conceived design into a robust and agile national network that threads the delicate line between complexity of requirements and simplicity of operation.

Q: What’s your favourite thing about working at Somerville?

The Somerville culture—you have to be at Somerville to get the hang of it.

Q: What’s your secret skill?

I believe patience is a virtue. Patience helps you see what you ordinarily wouldn’t.

Q: What’s the first job you ever had?

I started out working as a computer hardware technician pulling computers apart to fix hard-disk, memory, CPU, motherboard or power-supply issues.

Q: What was your most beloved band from your adolescence? 

My beloved band as an adolescent was the Hillsong choir.

Q: What are some of the things you are most proud of in your life?

My family has always been a source of pride for me.

Q: What was your favourite food as a kid? How about now?  

I would have any meal of rice any day.

Q: What’s something on your bucket list that you can’t wait to do?

I would love to travel around Europe and America.

Q: What’s the next country you’d like to visit and why?

Croatia, because it has some of the most beautiful beaches in Europe.

Q: What’s one of your favourite hobbies?

Learning through documentaries.

Q: What’s something about you that surprises people when they find out?

The fact I grew up thinking of becoming a professional soccer player.

Q&A with James Kim

James Kim may be a new face at Somerville, but he’s already making great strides as a Cloud Solution Architect in our Sydney office. Want to get to know him a little better? Read on to find out more…and if you’re lucky, he might give you a chicken wing recipe!

 

Q: What’s the first job you ever had? And what was the biggest thing you took from that? 

The first proper full time job was to support airline systems at the Sydney International Airport where all the check-in counters, boarding pass/bag tag printers are connected to.  I could go anywhere in the airport without restrictions and that was fascinating at young age.

The biggest thing I took from this job was dealing with mission critical systems whereby the system availability is absolutely critical.  Every minute of delay would cost the airline thousands of dollars and the system architecture with redundancy was crucial to the business.

Q: What’s one of your secret skills?

I am not too sure if I would call it a skill but I do have many hobbies which I have taken to the next level. Photography, Golfing, guitar, piano tuning, composing music, high-end speaker building and design etc. These are not only helping me what to do in my spare time but brings many different topics to have a conversation with people ie: customers and people around me, making them comfortable and interesting. 

Q: Do you follow any sports? 

I used to play golf to becoming a professional at young age until I had a tragic motor bike accident.
After 6 major surgeries I was able to walk and play again but as a hobby and teaching. One of my achievements in teaching golf was to produce a young female golfer called Grace Kim who just turned LPGA professional golfer few months ago. She won the Geoff Ogilvy invitational in Dec 2021 and came second place at the Australian PGA Championship last month.  She has been the ranking no. 1 for three consecutive years among female Australian Amateur golfers + Olympic gold medallist 2-3 years ago in Youth Olympics.

Q: What was your most beloved song or band from your teen years? 

Scorpions / ThinLizzy / Cold Chisel

Q: What are some of the things you are most proud of in your life? 

I think I am proud to be where I am and my family. I came from a non English-speaking country (Korea) and entered into UNSW Computer Science with less than 2 years of study without speaking any English at the start. Now my eldest daughter has entered the same university studying Architecture; she is a lot better than her father (HDs on all her subjects last year).  

Q: What would be your ideal dream meal?  

15 course meal in Tokyo Japan—I had it in 2018.

Q: What’s so cool about hybrid cloud?

You can get the best out of both premises.

Q: What’s something on your bucket list that you can’t wait to do?

Traveling Europe with my wife and my daughters. We all are looking forward to do it.

Q: What was the last gripping movie you watched? 

A Korean movie called “Old Boy”

Q: If you won $10million on the lottery, what would you do/how would you spend it? 

Pay off the mortgage, buy new houses for my parents and parents in-law. Then make donations to our church and friends.

Q: What’s the next country you’d like to visit and why?

Korea and Japan again because there is so much to do there!

Q: What’s something about you that surprises people when they find out? 

My list of hobbies! 

Q: Favorite video game of your youth?

StarCraft

Q: What’s your go-to recipe for cooking to impress? 

James-style Chicken Wings

5 Things I wish I’d known about security before migrating to cloud

Migration to the cloud is a very large concept and represents a significant undertaking for any organisation. The fact that, as a technology, it has been discussed at length for a few years doesn’t mean it’s a given that everyone must do it or that there is only one way to do it. Here are some of the most vital tips that we have learned from our industry partners over the years.

Do the research

Organisations do not need to migrate to the cloud just because everyone else seems to be doing so. Everyone should have clearly defined reasons backed up by strong research and a SWOT analysis. This research should allow everyone involved to clearly understand and communicate the benefits of such a move. These benefits might include agility, scalability, cost savings and innovation.

Anticipate (and seek) the cloud’s added benefits

Most people undervalue – or remain unaware of how public cloud fosters innovation. It’s more than just a place for data. It provides access to a wide array of tools and templates in areas such as big data, machine learning, IoT, and more, that can help differentiate and accelerate business. 

Go long

Public cloud should be viewed with the end in mind. Rather than approaching it iteratively – migrating a few workloads to “see how it goes” it is better to create a long-term plan that demonstrates the viability of migrating an ERP system, a customer service call system, a CRM system, or an on-premises data centre there. Long-term thinking stands a greater chance of extracting value, ensuring consistency, and avoiding missteps.

Modernise

Rather than simply “lifting and shifting” existing processes to the cloud, a migration allows for a redesign. It gives organisations a chance to reassess their existing application life cycle, re-architecting them to take advantage of new cloud-native tools and services. Some organisations choose the approach of allowing legacy applications to continue working on-premises, but as those applications are decommissioned, their replacements will run in cloud using the latest cloud native tools and services. This requires careful planning, but it is important to recognise that a new cloud environment is not just a like-for-like replacement of on-prem, but an advancement.

Focus

Although there are many public clouds out there to choose from, there is little benefit in diversifying and spreading a presence across multiple public clouds or moving workloads from one cloud to another based on spot pricing. This approach is risky and complex. It is far wiser to identify which cloud works best for current and future workloads, and then hire people with the appropriate skills, prepare the migration carefully, and learn about all the efficiencies and cloud consumption discounts that can be applied.

Focusing on a single security vendor also reduces complexity, ensures integration, and provides savings through ELA consumption models. Often, a common management console can be used to control, monitor, and orchestrate diverse environments much more easily.

Secure the hybrid environment

Adopt and maintain a thorough Zero Trust methodology right across on-premises, private cloud, public cloud, and endpoint environments, which includes key techniques such as: “never trust, always verify,” “least privilege,” and micro-segmentation, in all environments.

Securing also includes protecting the physical and virtual network, protecting individual workloads, hardening the web-facing aspects of the environment, proving compliance to auditors, being able to track and deflect bad actors within your environment, and being able to do all of this remotely.

Do not treat security as an afterthought

Security must be built into the process from the very first plans and discussions and scaled in proportion to cloud environment growth. It must be seen as integral to the entire process. 

Include cloud network firewalls, protecting and hardening of workloads – including web-facing applications and those based on containers and serverless technology. Ensure best practice cloud configuration and compliance. Use threat hunting to monitor cloud environments and keep track of bad actors and suspicious behaviour.

Maintain asset visibility

Ensure complete visibility of assets in the cloud and how they’re configured. Make sure that questions around how cloud assets are configured, who put them there, and what permissions they have, can be clearly answered. 

Establish cloud security posture management

The bulk of cloud data breaches can be tied back to cloud misconfiguration and configuration drift issues. Implementing posture management can protect against this. 

Embrace automation

Relying on traditional manual configuration processes in the cloud is a major mistake. The cloud moves and changes too quickly for important security activities to rely on any kind of manual processes. Automation is essential. Define initial engagement parameters and solutions then use machine learning and AI to learn, manage and fine-tune the way to secure the cloud environment. 

Evaluate and control further development

Place solid guard rails around the work that developers are doing in cloud. Developers focus on pushing out new features and functions but might not immediately factor in security. Cloud security posture management policies will assist as developers deal with cloud storage, data bases and more. Additionally, deploy tools that scan GitHub or GitLab code repositories to detect malicious code, misconfiguration or hard-coded credentials before the code goes into production. 

Choose an experienced partner

Work with a cloud security partner who’s done migration many times before – a company that can provide cloud certifications and customer references. Experienced partners should also be trusted advisers who are willing to put forward an opinion or advice.

It is best to select a partner that is a specialist in a particular cloud, such as Azure or AWS, and who therefore knows the platform intimately. Cloud platforms change too quickly for any organisation to be experts in more than one.

An experienced, customer-focused partner should seek to simplify a cloud environment rather than add complexity, offering integrated solutions that work across the various aspects of a cloud environment with common management consoles. They should embrace automation as the best way to keep a cloud environment continuously secure and should provide their customers with regular cloud security insights and improvements relating to the configuration, efficiency, and compliance of the cloud environments. These should be referenceable against accepted best practices such as the AWS or Azure Well Architected Frameworks.

Conclusion

Probably the most important point to take away from this list is that a migration to the cloud is not an “apples for apples” move. It has more in common with trading in a 15-year-old car for a brand-new model. There are technologies and features that the old setup did not and could not have, and these in turn will help an organisation run itself in far more efficient and profitable ways. But before doing so, consider that the second most important takeaway in this collection is to partner with an experienced and reliable vendor that can provide advice along with skill and experience, to ensure the migration truly is a move up to better things. 

————————

Author: Nigel Spence

Cloud Security Partner & Alliance Manager – ANZ

Check Point Software Technologies

Check Point is an industry leader within the enterprise to SME security space from on-premises to multi-cloud environments. The CloudGuard portfolio addresses all of the use cases identified here – from cloud network security, cloud workload protection to cloud posture management. With deep technical and management integration into the AWS and Azure cloud platforms embracing the Zero Trust methodology. Check Point is also Microsoft Azure’s largest co-sell partner leveraging experience from countless cloud deployments around the globe. Furthermore, the recent acquisition by Check Point of SpectralOps has significantly boosted CloudGuard capabilities relating to code-scanning and CI/CD pipeline integration under the whole DevSecOps ‘Shift Left’ security mantra.

Learn more

Download our white paper “Proactivity and Planning: the key to cloud and IT modernisation” to learn more.

 

For more information about how Somerville can play a significantly beneficial role in your organisation’s cloud migration, please contact us.

Why IT could be your biggest business advantage in 2022

In 2017, when Hurricane Irma was closing in on the Florida panhandle, owners of Tesla cars were surprised to discover that the batteries that powered their vehicles suddenly had 40% more range than normal, which proved to be extremely useful for escaping the storm. The unexpected boost in power was thanks to an upgrade feature that Tesla temporarily allowed on cars in that area which was sent electronically to each vehicle. 

This boost was a welcome development for Tesla owners, some of whom, despite the overall quality and reliability of the cars, still suffered from what is called range anxiety, since the car-owning population as a whole, still hasn’t quite come to terms with cars that operate without petrol. There was also some concern expressed by those who saw the invisible hand of Tesla passing over the privately owned cars of Florida citizens as some sort of breach of individual liberty. 

The point here, though, is one of scalability. Tesla, as a product of the Agile age serves as a compelling symbol of car ownership, in a number of ways that can all be brought back to a discussion of hybrid cloud. Successful deployment of a cloud platform that is both agile and hybrid will likely be a key success factor for the growth or recovery of organisations throughout 2022.

Size is not as important as flexibility

Organisations have had to learn that in a high-speed, always-on economy, size is not as important as flexibility. The capacity to respond to opportunity or crises in an instant is what customers want and expect, and nothing more will do. Customer loyalty is fleeting and hinges largely on the most recent experience.

This sets up a challenge for organisations that may have grown up and built their infrastructure around longer timelines. In the last two years, for example, every company has had to learn a great deal about how to keep working and selling with employees based from home and a marketplace that has had to essentially shut its doors. Some companies pivoted from manufacturing their main products to creating equipment such as PPE in support of pandemic relief efforts. As they contemplate a possible end, or at least a diminishing of the pandemic’s spread, many of them face the prospects of reducing their office space, some of which may be on multi-year leases – on account of a changing workforce.

“Migration to hypercloud such as Microsoft Azure is no longer a problem, there’s a multitude of tools that help to automate the process.” – Jakub Wolinski, Cloud Services Manager, Dicker Data

Cloud technology has been written and talked about extensively, of course, but what is key to any organisation’s strategy may be the invisible as opposed to the visible. It might be easy to calculate compute and data storage needs based on day-to-day activity, but what about an unexpected surge? Peak demand based on a social media event, a cybersecurity incident or even an outage? What about recovery from a ransomware attack? What strategies are in place to not only recover from ransomware, but to do so in a timely basis (MTTR)? These might not sound like the most immediate cloud-based priorities, but so long as a company runs on its data, they are.

Being able to scale up or scale down on demand in a manner similar to the Tesla example ensures that peak demand for data and management can be addressed without wasteful spending on fixed allocation, cloud sprawl, or transfer costs, as discussed here. This kind of dynamic ability didn’t exist in earlier eras – we worked with what we had. But now it exists and is a key imperative for establishing a well-managed hybrid cloud, ideally in conjunction with a service provision company.

The SME opportunity

So how does a SME or small enterprise business make the most of the opportunities of agility? Primarily by ensuring the platform upon which it operates can support agility, and this means going to hybrid cloud. By pairing the security of on-premises with the versatility and scalability of a managed public cloud, the business is much better positioned to make changes such as setting up a new location, a new manufacturing line, or a new product. 

The physical potential that hybrid cloud delivers subsequently impacts thinking and strategy at board level. Business expansion decisions, for example, should start with the CIO who is able to dictate the pace of change based on an IT infrastructure that is now quick and easy to deploy, rather than having IT hold the organisation back due to legacy systems, attitudes, and abilities that are hard to change and which throttle the business. Having the capacity to scale up or down, open a new location, or move to another market isn’t a reactive feature. It forms part of a business strategy that should involve all layers of an organisation, including the executive. Its security and its functionality are critical business issues and not just an IT problem.

“Cost and security are always the top concerns but planning cloud migration has to be seen as a key business decision.” – Harris Schneiderman, Enterprise Sales Director – Hybrid Cloud Practice, HP Enterprise.

This mindset should be the fuel of SMEs, who have neither the size nor the age of larger organisations that can simply state, “that’s how we’ve always done it.” When one looks at Tesla, or SpaceX, another Elon Musk creation, you see companies that went up against extremely large, century-old organisations and by approaching a problem with a better idea, and by not accepting a tradition that relied on process over productivity, was able to surpass them or at least make a dent in their market share. This is the advantage that SMEs have – they are small enough to remain agile and innovative, and have access to the technologies, including hybrid cloud, that will enable the vision to become a reality.

But one further point to make about Tesla, SpaceX, and thousands of SMEs around the world, is that they didn’t do it alone. Their management knew to partner up with companies that could deliver necessary products and services as well as operate as a trusted advisor. This is a type of synergy that large companies cannot do quite as well, given their labyrinthine procurement and vendor management processes.  It forms a triangle, a rule of three for business success: agile technology (hybrid cloud), agile thinking (internal) and relationships with agile vendors who bring tools and advice to the table.

For more information about how Somerville can play a significantly beneficial role in your organisation’s agility, please contact us.

Learn more

Download our white paper “Proactivity and Planning: the key to cloud and IT modernisation” to learn more.

 

How misplaced activities and bad cloud practices are costing billions

When people search for wasteful habits in their organisation, they will often look at the moving parts. With questions like “why does this machine work like this?” and “why is this person moving this box from over here to over there?” and “why are these meetings taking so long?” it seems that waste happens when people or tools are doing things in a wrong or less effective way. And that can be true. But there’s also a great deal of waste that comes from doing nothing, especially in the cloud. 

Many organisations go into the cloud without a full awareness of what they are actually getting into. With no centralised strategy, and with excessive faith placed in their vendor’s promises, a company’s leadership can satisfy itself that it has sufficient resources in their hybrid cloud setup to allow for secure storage of data along with resiliency for scaling up and scaling down in accordance with immediate market demands.

“Cloud transformation is not just an IT project, you have to involve other business units like Finance, HR, Vendor management, Change management. I also recommend you create a governance board or Cloud Business Office (CBO) to involve all of these teams in the decision-making process.” – Harris Schneiderman, Enterprise Sales Director – Hybrid Cloud Practice, HP Enterprise.  

The devil is in the details 

But like getting a bad data plan from your phone company, the devil can be in the details, and those details can lead to excessive costs that simply appear on the bill and are paid by someone who has no knowledge that things should be otherwise.

Cloud-based IT application testing is a good example. As Mary Shacklett, President of Transworld Data writes in Information Week:

“The virtual operating systems that are deployed in the cloud for application testing are paid for by the hour, minute or second. This is beneficial for developers during testing because the spend is less than if they had to deploy virtual OSs in their own data centres, where hardware and software is capitalized and expended for over years. However, cloud testing becomes a significant cost drain when the application developer completes testing and forgets to de-allocate the test OS that is now idle, and that continues to be charged for. When this happens, the test OS becomes a wasting asset.”

In this case, it’s not so much the cloud environment that is costly and wasteful, but instead a bad habit on the part of a developer. This does not mean the developer is to blame. Most wasteful mistakes made by people in any area of any organisation have roots that are deeper than the initial activity. This developer might be overloaded with other priorities, with little time to think clearly or run a post-test checklist or might have been interrupted with another priority while actually running through the de-allocation process. So, the test OS stays active, burning steadily, yet invisibly, through a company’s money.

Cloud complexities

Secondly, the major hyperscaler-players offer optimisation tools, but these may have proprietary limitations that will not extend into hybrid cloud or multi-cloud environments, thus leaving the door open for undetected waste due to the complexity of monitoring such a multifaceted environment.

As a third example, there is cloud sprawl. As its name might suggest, cloud sprawl happens when an organisation loses visibility over its cloud instances and providers. This again is more of an institutional problem than an actual improper action. When organisations neglect to coordinate and centralise their cloud management strategy, people inevitably revert to working within their own silos, with no time or even inclination for thorough communication practices.

This is amounting to billions of dollars in wasted costs in cloud alone. You can add more to this figure if your organisation is paying for more storage or processing than it needs with no way of accurately tracking usage or costs. Processing, by the way, includes transfer costs – one of those incidental costs that are necessary but are counted separately. They are like the cloud equivalent of an airline’s carry-on luggage surcharge. And there is also the idea of overprovisioning. Quite simply paying for more than you need.

Unknowingly wasteful 

Billions of dollars are being spent on cloud-based activities that are essentially the act of doing nothing. In most cases there is nothing illegal or unethical about what is happening – it is simply the result of an organisation’s left hand not knowing what the right hand is doing.

This unknowingness factor applies to individuals too. For example, when a consumer downloads an app to their phone, tries it for a week, grows tired of it and then deletes it, it may feel to that individual that the entire affair is over and can be forgotten. But deleting an app from a phone does not delete the data that was supplied at sign-up. Even if no money was ever paid in terms of subscription fees (during a free trial, for example), the person’s email address, data and password still live on in the servers of the app’s company ready to be used for other marketing purposes, to be re-sold, or even stolen in a breach. The point being for individuals and organisations alike, just because the cloud is invisible and activities that happen there can be easily forgotten by humans, they are not forgotten by the machines that administer those activities, who may still be generating revenue from them.

People are busy with their jobs and their lives and cannot be expected to remember intricate details such as accounts or processes that remain active in the cloud even after their usefulness or reason for being have been forgotten. 

But this amounts to digital waste, and worse, comes with a hefty price tag. Being forewarned about such possibilities and being guided on how to mitigate and eliminate excessive and wasteful costs is the type of service that a qualified cloud services provider can and should deliver. It’s part of the advisory role that promises that we are going to look after the customer and not just the customer’s data.

“Make sure your IT provider understands your long-term business objectives.” – Jakub Wolinski, Cloud Services Manager, Dicker Data

 

For more information about how Somerville can play a significantly beneficial role in your organisation’s life, please contact us.

Learn more

Download our white paper “Proactivity and Planning: the key to cloud and IT modernisation” to learn more.

 

Danny Thien takes out Sales Excellence (Partner) Award

Danny-Thien-Wins-ARN-Award

At the recent ARN awards, Somerville’s Danny Thien has won the Sales Excellence (Partner) Award which recognises standout individuals who contribute to customer, company and channel success. He was up against 10 other strong contenders in this category so it’s a fantastic achievement for both Danny and Somerville!

“Danny wins this award in recognition of his work in building Somerville’s software licensing team from the ground up, with the business growing rapidly over the past five years. The additional revenue Danny has helped generate since joining Somerville has made it viable for the company to substantially expand its software sales division.”

Danny-Thien-Wins-ARN-Award
ARN-Awards-2021-Danny-and-Adrian-690x1536