wiki

Codit Wiki

Loading information... Please wait.

Codit Blog

Posted on Wednesday, May 31, 2017 3:48 PM

Sam Vanhoutte by Sam Vanhoutte

What can we learn from the WannaCry ransomware attack and the way we tackle Internet of Things (IoT) projects? That we had better invest enough resources to make, and keep, our smart devices safe.

I was at the airport of Seattle, returning from the Microsoft Build Conference, when I saw the outbreak of the WannaCry ransomware trending on Twitter. There was talk of hospitals that couldn’t operate anymore, government departments unable to function, public transport issues... All consequences of the virus that spread from computer to computer, looking for new victims. The consequences for many IoT scenarios around the world played through my mind. I also remembered the conversations I've had with partners and clients over the past years about investing time and money in the security and safe keeping of IoT devices.

The WannaCry story clearly demonstrated that there was a crushing responsibility for various IT service companies. They should have kept computer systems up to date with a supported Windows version and the latest security updates. Very often, time, budget or change management is a reason why such updates did not happen. "It it’s not broken, don’t fix it." Such thinking left the back door to several critical systems wide open, which made things broken a lot quicker than anyone assumed.

That's why, starting with Windows 10, Microsoft has changed the default 'update policy'. Security and system updates are automatically installed, giving customers a Windows system that is up to date by default. However, the pushing of automatic updates is a major problem with most IoT systems available today.

IoT security with holes

Very often, devices - from smart scales and to internet thermostats to even healthcare devices – are not equipped to receive security updates. The software often does not allow it, or the computing power of the device is too limited to deal with the update logic.

In most cases, the users of such a device don’t think about by the fact that their gadget (or more dangerously, their health device) is actually a mini computer that may have a security issue. If security updates cannot be pushed by default through the manufacturer’s IoT platform, you can assume that the device will never be updated during its entire lifecycle. To make matters worse, such devices often have a long lifespan. Thus, the encryption algorithms used today will no longer prove sufficient to keep sensitive data encrypted in the foreseeable future.

Companies should therefore always supply an update mechanism in their IoT solution. This makes the initial investment higher, but it also offers an undeniable advantage. For one thing, pushing updates can prevent your brand from getting negative exposure in the news as the result of a (serious) vulnerability. But you can also send new pieces of functionality to those devices. This keeps the devices relevant and enables you to offer new features to your customers.

By taking the responsibility for updating (and thus securing) such systems away from the end user, we create a much safer internet. Because no one wants his smart toaster (and its internet connection) used to enable drug trafficking, child pornography or terrorism.

 

Note: This article was first published via Computable on 30 May 2017 (in Dutch) 

Categories: Opinions
Tags: IoT
written by: Sam Vanhoutte

Posted on Wednesday, May 3, 2017 10:55 AM

Stijn Degrieck by Stijn Degrieck

"One in ten IT specialists in Belgium is a cheap Indian," some media recently wrote. They work for minimum wages, ensuring unfair competition, and do not make a fair contribution to our welfare state, since they are not covered by Belgian social security. It was the socialist trade union BBTK who rang the bell. "Belgian employees are losing their jobs and the government is missing out on 26 million euros each year," they complained. Employers in the Belgian IT sector deliberately abuse the employment status of their Indian programmers to find people on the cheap. Ouch, that hurts.

I do not doubt the figures from the BBTK. I honestly don’t know how many Indian IT specialists are currently in our country. I do however know how many IT people we need. It’s in the thousands. This is what Agoria is hearing from its members. And that permanent shortage is almost always the topic of discussion when I speak to colleagues in the sector. It is difficult for us all to fulfill vacancies, in spite of great wages, benefits and a huge investment in time and resources to create the most pleasant and dynamic work environment. Believe me: we go out of our way to do that. Recently, we even had an info stand at Facts, a quirky fair in Flanders Expo dedicated to comic and gaming fans, Trekkies, Star Wars fans and who knows what else. You can look it up on Facts.be, if you dare. But that’s another story. I think this job loss is not so huge. Those Indians are not taking our jobs away, we need them to fill in the gaps. It’s a good thing they exist! Because no IT specialist willing to work is out of a job for long here. In many companies, you don’t even need an official diploma anymore. A good self-taught person is better than an open vacancy.

What I refuse to believe, however, is that ‘employers’ purposefully try to save on social security by employing low-cost workforce. That generalization is too easy. For your information, at Codit we are talking about one in 130. And that one Indian colleague is paid according to Belgian standards. The same way we reward our employees in France, The Netherlands, the United Kingdom, Switzerland and Portugal according to local conditions, regardless of their nationality. Does our Indian colleague earn a lot? To Indian standards, certainly. To Swiss standards, perhaps not.

I’m afraid the BBTK is barking up the wrong tree. People being taxed in their country of origin as a result of a trade agreement is a policy issue. Individual employers and their employees have little to do with it. And in any case, it is primarily rearguard action in a globalized economy. The vast majority of those cheap Indian IT employees work in ‘Belgian IT’, but not for a ‘Belgian company’. There are a lot of international players in our market. They are indeed trying to acquire work as cheaply as possible in order to stay competitive. I could call this distortion of competition. The thing is that we at Codit (and many other Belgian IT companies) look beyond the local market.

I invite the trade union to expand their field of view as well. Let's do something about that shortage, because it is putting a brake on the growth of Belgian IT companies. In our knowledge economy, we need to invest in talent. And that should not be limited to young people. We have a lot of people ‘on the bench’ whose skills no longer match the needs of our companies. Perhaps the trade union can help warm them to a career switch? Imagine meeting our ambitions and our country having lots of internationally relevant and innovative IT companies. That would be much more beneficial to our welfare state than fighting over breadcrumbs.

Stijn Degrieck is CEO of Codit, a fast growing and internationally active IT company headquartered in Ghent.

Note: This opinion was first published via De Standaard on 2 May 2017 (in Dutch). 

Categories: Opinions
written by: Stijn Degrieck

Posted on Tuesday, April 25, 2017 11:02 AM

Stijn Degrieck by Stijn Degrieck

"Europe is far too dependent on Microsoft." I thought I accidentally clicked on an old article, perhaps from the end of the last century. At that time, Microsoft was in trouble for abusing its dominant market position to stave off competition. It was the start of a series of legal battles both in the States and in Europe, culminating in the Windows Media Player saga. You know, that thing you may have used to watch video on a pc, if you didn’t skip it entirely because you belong to the YouTube generation. Microsoft was fined a massive sum by Europe in 2004, but continued to resist strongly until 2012. In the end, they subsided. Or that is what we would like to believe.

Back to today. According to a group of research journalists, the intensive collaboration with Microsoft makes Europe vulnerable, for instance because our data is in the hands of an American company. And we would regret that, now that our American allies seem less steadfast. A German Euro parliament member called for immediate action to force the mighty Microsoft to its knees. By comparing IT with aviation, where Europe broke Boeing’s dominance with the launch of the Airbus, he called for an "ICT Airbus". Nice one liner, and maybe a beautiful dream for European chauvinists, but utter nonsense in the end.

The world in the 1970s cannot be compared to the here and now. Of course, technological innovations were made and we pushed forward, but the rate of change was lower and the impact was much smaller. Moore's Law, anyone?

Changing a sector is not the same as overthrowing a whole economy. It shows little insight into our connected and globalized society to propose such a change of mind. And it's out of touch with reality: in spite of earlier attempts to control Microsoft, it is still one of the world's largest (IT) companies. Like it or not, the whole world has been running on Windows for 30 years.

Another question is whether Microsoft is really such a patriotic American company. Ultra large companies like Facebook, Google and Amazon do not only transcend geographic boundaries, but mental boundaries as well. Wasn’t Facebook called 'the largest country in the world' because it has more 'residents' than China? Globalization on that scale questions all the old paradigms, which our politicians love for obvious reasons.

Large companies tend to be very committed to their 'citizens'. They have an eye for local needs and expectations. For example, Microsoft has worldwide data centers to ensure quality of service and data protection. The company was recently proved right in a lawsuit by a magistrate in New York. He had summoned the company to supply data (e-mails) from an Irish-based server as part of an investigation. Microsoft won the plea, with the full support of the Irish government.

To the current CEO Satya Nadella, a man born in India, Microsoft is not so much a business as an ecosystem. He wants to build the world's best cloud platform, open to anyone, at any time and any location. And he does what he can to fulfill that promise. For example, Microsoft's employees are leading the ranking on Github, an online platform for open source developers who share code with the community. No one has more active developers on that platform than Microsoft. Not even Facebook and Google. And still, we tend to fear Microsoft.

Fear is a bad counselor and protectionism is a weak strategy. The only question that really matters to Europe is: how do we make sure that the next Microsoft, Google or Facebook has its roots in European soil? That is, if you see yourself as a European rather than a world citizen.

Note: This opinion was first published on SmartBiz.be on 20 April 2017 (in Dutch). 

Categories: Opinions
Tags: Microsoft
written by: Stijn Degrieck

Posted on Thursday, March 9, 2017 8:16 AM

Stijn Degrieck by Stijn Degrieck

You most probably know that Microsoft is the world’s largest contributor to the open source community on the popular GitHub platform, no? That’s right. When it comes to sharing code for open development and collaboration, it is leaving behind companies like Facebook, Google and Red Hat. All this is the result of a major strategic shift initiated by Steve Ballmer, and accelerated by Satya Nadella. One that will allow Microsoft to transform to a full-blown Software-as-a-Service company.

In a letter to all employees two years ago, Satya Nadella, who had just been appointed CEO, said: “Our strategy is to build best-in-class platforms and productivity services for a mobile-first, cloud-first world. Our platforms will harmonize the interests of end users, developers and IT better than any competing ecosystem or platform.”

Today, Microsoft is reporting impressive growth for its SaaS solutions. Revenue from its cloud platform, Azure, grew triple digits, with usage of key computing and database workloads more than doubling year-over-year. And embracing Apple and Android is paying off, making its software easily available on all operating systems. (In fact, that’s often where you’ll find the best Microsoft apps.) Office 365’s enterprise user base is also growing quickly. End of last year, Techradar.com reported it’s already twice as popular as Google’s G Suite in organizations across Europe. It’s a bold move for a company once considered an evil monopolist who perceived open-source as an existential threat to their business. As one court order stated: they put up ‘technical barriers’, making it hard for the competition to work on the Windows operating system. Remember the ‘browser wars’?

I’m happy to see Microsoft’s progress and its approach to open source. At Codit, we welcome the transition from a closed Microsoft-only stack to an open Azure platform. It’s the perfect foundation for co-creation with our customers. For instance on projects related to the Internet of Things.  

We have many customers exploring IoT. Usually they have lots of ideas, devices and sensors. But they have no resources, expertise nor experience to connect these to the cloud and putting their data to work. Cue in the Nebulus™ IoT Gateway. You can use it to link any sensor or device in a couple of minutes to the Microsoft Azure cloud, allowing you to connect, capture and control data in real-time.

I’m a big fan of co-creation. Most customers have a clear view on what they want. But they need help translating it into specific technology features and functions. That’s where we come in, helping you turn big ideas into new tangible services.

What’s your big idea? We’re listening.

- Stijn Degrieck, CEO Codit

Categories: Opinions
Tags: Azure
written by: Stijn Degrieck