All Posts By

Sam Bennett

CCL-Revera-AWS combo ticks boxes for global fund manager’s new retail offering

By | Case Studies

Nikko Asset Management (AM) banks on local experts to design and manage AWS infrastructure behind new online investment platform GoalsGetter

“Doing things right in the cloud is harder than it looks. We don’t pretend to have the expertise. Using local experts means you get specialist knowledge and expertise to get everything right and stay on top of new AWS functions and services.” – James Rogers, Chief Operating Officer, Nikko Asset Management NZ

Read the full case study here >>

WorkSafe gears up for cloud transformation

By | General News

WorkSafe New Zealand has kicked off a transformation programme to deliver workplace systems from Microsoft Office 365, SharePoint, Azure, and Windows 10, supporting 500-plus staff with a single cloud platform to work and communicate.

WorkSafe, New Zealand’s primary workplace health and safety regulator, is working with CCL-Revera to deliver the project, slated for completion later this year.

WorkSafe’s move to a public cloud platform lays the foundation to deliver against the government’s vision for health and safety at work over the next 10 years.

Mike Foley, chief digital and information officer at WorkSafe, said the transition is consistent with government’s cloud first policy to improve services and deliver substantial cost savings.

“Smart cloud platforms provide the enterprise agility we need to become a world-class regulator,” said Foley. “The less time we spend on administration and bending legacy systems to new forms of work, the more focus we bring to improving health and safety performance.”

VMware’s Workspace One Digital workplace platform will provide secure multi-device access to WorkSafe applications.

Foley said CCL-Revera ticked all the boxes, including migration planning, platform setup, staged transition, user support, and ongoing management.

Andrew Allan, CEO of CCL-Revera, said his company won the competitive tender in a joint bid with Revera late last year. “The tender process confirmed the complementary nature of our businesses and the value clients place on a broad mix of services and capabilities delivered from a single engagement and support engine.”

Announcing the merger last month, Allan said the move was motivated by a market shift that saw more clients seeking out a single supplier to cover all their bases.

Barnardos takes first steps to Microsoft cloud services with CCL-Revera

By | General News

Barnardos has taken its first steps to Microsoft’s cloud in a move to drive a Microsoft-centred as-a-service transformation.

Working with long-term partner CCL-Revera, New Zealand’s largest children’s charity has kicked off phase one of a staged migration that will see the organisation’s 650 users across 65 sites up and running on productivity and collaboration services from Microsoft Office 365 by the middle of the year.

Other work currently underway includes the deployment of Azure identity and access management services, and a reconfiguration of the organisation’s on-premise Microsoft CRM in Microsoft Dynamics 365 Online.

The organisation’s switch to Microsoft cloud services is the continuation of a strategy to drive down costs and leverage as-a-service technologies, Barnardos chief technology officer Jaco van der Lith said.

“Four years ago we outsourced and virtualised our infrastructure on Revera’s Homeland IaaS platform,” he said. “The move delivered a sensible format for a technology refresh and consolidation, and paved the way for public cloud services.”

While Microsoft’s non-profit pricing plans offered Barnardos a strong incentive to adopt cloud services, a number of the organisation’s business applications, including financial, payroll, and file sharing systems, will continue to run on CCL-Revera’s Homeland IaaS platform for the time being.

The role of both local IT partner and in-country platform services remains a core part of Barnardos’s operation, with the Spark-owned IT services provider continuing to deliver service desk, support, and a wide area network.

“CCL-Revera’s IaaS platform continues to do good work for applications unavailable in Microsoft’s cloud,” van der Lith said. “There’s no real financial benefit to change.”

Working with both CCL and Revera prior to their recent merger announcement, van der Lith described the development as a “good surprise offering complementary strengths”.

“Revera has a great engineering legacy – they build stuff really well and are supported by strong technical teams. Combined with CCL’s detailed customer focus, the merger is a good thing for both organisations – and from the customer perspective,” he said.

Commenting on the merger, CCL-Revera CEO Andrew Allan said client feedback confirmed the complementary nature of the newly-merged businesses.

“Clients place a high value on a broad mix of services and capabilities delivered from a single engagement and support engine,” he said. “We call it the safe hands of a custodian.”

CCL-Revera boosts public cloud creds with Microsoft and AWS

By | General News

Newly-merged company covers public cloud bases with Microsoft M365 Fast Track ready partner status and AWS advanced partner status

CCL-Revera is flexing its newly-formed muscle in the public cloud arena with new accreditations from Microsoft and Amazon Web Services (AWS).

One of a handful of local providers to secure Microsoft M365 Fast Track ready partner status, the Spark-owned ICT services provider is moving quickly to increase its public cloud footprints, signing up 100-plus clients to Microsoft-funded training and support to take advantage of the full M365 portfolio.

The announcement follows the addition of two heads to CCL-Revera’s Microsoft practice, with David Osborne appointed M365 practice lead, and Kath Tate taking the role of programme administrator.

On the AWS front, CCL-Revera has been awarded advanced partner status following a recent run of customer migrations to AWS, certification across a range of AWS business and technology competencies, and the continued growth of the company’s public-cloud practice, Radar.

CCL-Revera CEO Andrew Allan said the company continued to add public cloud horsepower to support clients’ growing appetite for public cloud services. “You can’t argue with the price, performance and scale, but redefining legacy applications in the cloud is harder than it looks,” he said. “That’s why we say that it doesn’t take a rocket scientist to choose public cloud, but you’ll want a cloud rocket scientist to get you there and keep everything running smoothly.”

Commenting on the company’s new Microsoft credentials specifically, Allan said demand had spiked following the retirement of Windows 7, the shift to the Windows 10 subscription model, and recently released Microsoft security and collaboration services.

“The desktop is often forgotten in the hype surrounding new technologies and especially cloud – but it’s still a key driver in business performance and an important productivity enabler for all clients,” Allan said.

The company’s newly-combined public cloud practice, which comprises 40-plus heads split evenly across cloud architects and engineers, is fast forming as a major spearhead in the company’s strategy to function as the “custodian” of IT management and cloud technology for its clients.

Announcing the merger last month, Allan said the move was motivated by a market shift that saw more clients seeking out a single supplier to cover all their bases.

“The merger is based on the thing clients tell us they value most: the safe hands of a custodian. Combining Revera’s deep platform experience with CCL’s professional services delivers expert focus at every step in the management and modernisation of our clients’ business technology,” he said.

Computer Concepts Limited announces sponsorship for the 2018 Odisha Hockey Men’s World Cup

By | General News | No Comments

We are proud to announce a sponsorship agreement with Hockey New Zealand which sees us confirmed as a sponsor for the 2018 Hockey Men’s World Cup being held in Odisha.  We have a history of sponsorship in sports – we are also a major sponsor of the Otago Rugby Union and Southland Rugby –  and are thrilled to be able to support men’s hockey in this way.

Ian Francis CEO of Hockey New Zealand says “Having a sponsor onboard with the passion of CCL is a fantastic opportunity for Hockey New Zealand.  CCL’s support will assist our players for the Odisha Hockey Men’s World Cup and help the team perform to a high standard during the competition”.

Andrew Allan, CEO of CCL says “We are very proud to be able to sponsor Hockey New Zealand.  As a nationwide company with eight offices around the country, it is great to have a national sporting sponsorship in our portfolio.  It’s an awesome team and a sport which is close to the heart of many of our staff and their families. We are very excited to partner with New Zealand Hockey and the men’s Black Sticks and wish them all the best for the World Cup.”

The Vantage Black Sticks Men started their campaign on November 30th at 2:30am when they took on France and came away with a 2-1 win taking them to equal top of their pool.  A great start from New Zealand.

ALERT: Foreshadow and Foreshadow NG

By | Security News

On 15 August 2018, information was released regarding three new Intel CPU vulnerabilities that may be exploited to steal data from computers.

  • CVE-2018-3615 (SGX, SMM – Foreshadow)
  • CVE-2018-3646 (VMM – Foreshadow NG)
  • CVE-2018-3620 (OS – Foreshadow NG)

Much like the Meltdown and Spectre vulnerabilities revealed earlier in the year, these new vulnerabilities take advantage of performance optimisation techniques to bypass security mechanisms built into the chips. The Foreshadow vulnerabilities target a different optimisation technique, potentially allowing access to a broader scope of data than Meltdown and Spectre, including data from other virtual machines in a virtualised environment.

Successful exploitation of these vulnerabilities would require an attacker to run malicious code on a targeted system. There are currently no known exploits being used against these vulnerabilities and researches have not yet released proof of concept code for the vulnerabilities.

We recommend that all clients assess their risk and appropriately patch systems to protect their environments against these vulnerabilities.  Care should be taken to read all patching instructions and release notes as well as perform thorough testing to avoid unexpected outages or performance impacts. Vendors have indicated that some performance impact should be expected for certain workloads.

Mitigation steps may involve processor microcode updates in addition to OS and virtualisation vendor updates, and in some cases may involve configuration options, including enabling new technologies and disabling HyperThreading.  Please refer to vendor guidance around opt-in steps, which will include guidance around scenarios where it is recommended and not recommended to disable HyperThreading, for example.

Processor microcode previously released by Intel in Q2 includes updates that address these new vulnerabilities.   We recommend that clients test and apply the latest microcode updates to all affected systems.

CCL’s Polaris Platform
CCL is programmatically addressing the identified vulnerabilities at the hypervisor levels.  Clients are responsible for patching their Operating Systems residing on the platform unless these are managed by CCL.  Additional information will be provided through standard change control notifications or directly from your Client Relationship Manager.

Public Cloud Platforms
All major public cloud providers have actively patched their environments and have taken steps to protect workloads:

https://cloud.google.com/blog/products/gcp/protecting-against-the-new-l1tf-speculative-vulnerabilities

https://aws.amazon.com/security/security-bulletins/AWS-2018-019/

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/mitigate-se

Client Dedicated Virtual Platforms, On-premise Private Cloud and On-premise Infrastructure
For dedicated virtualisation platforms, patching may be required at the hardware microcode and operating system level in addition to the hypervisor and may also require additional configuration changes depending on what features and products are being used.  Please refer to applicable vendor guidance for detailed mitigation requirements.  Links for the major vendors are included below.

In some cases, mitigation steps may have performance impacts.  We recommend thorough testing as part of the standard patching process.

 If you have any questions or concerns, please do not hesitate to contact your Client Relationship Manager or the CCL Service Desk on 0800 225 737 or support@concepts.co.nz.

Additional Information:

https://foreshadowattack.eu/

https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html

https://kb.vmware.com/s/article/55636

https://kb.vmware.com/s/article/55806

https://www.vmware.com/security/advisories/VMSA-2018-0020.html

https://www.vmware.com/security/advisories/VMSA-2018-0021.html

https://blogs.technet.microsoft.com/srd/2018/08/10/analysis-and-mitigation-of-l1-terminal-fault-l1tf/

https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-terminal-fault

https://blogs.technet.microsoft.com/virtualization/2018/08/14/hyper-v-hyperclear/

https://blogs.oracle.com/oraclesecurity/intel-l1tf

ALERT: Email Phishing Attack

By | Security News

Over the last couple of days, we have noticed a spike in email phishing attacks in our clients’ environments.  The emails are coming into a client’s environment from well-known and trusted companies.

The phishing email requests users to open a pdf attachment that contains an image of DocuSign that has an embedded link to a fake website (in this case, it resembles Microsoft Office365).   It prompts users to enter their credentials.

The email has a PDF attachment which when opened looks like this:

And browsing to the “REVIEW DOCUMENTS” link will present a login screen that looks like this, where “compromisedsite.com” could be any number of different sites that are being used in the attack:

As you know, phishing emails can catch anyone out at any time and are one of the top methods cyber criminals use to gain access to a company’s network.  This is a timely reminder to always be vigilant.

Here are some useful tips to help spot a phishing email:

  • You aren’t expecting the email
  • The email urges immediate action
  • The email requests personal information
  • Links in the email lead to websites that ask for passwords
  • The email may contain a generic greeting rather than a name, e.g. Dear Sir/Madam
  • The email contains incorrect spelling or grammar
  • The email could include an attachment
  • The sender’s name and address does not match the sender or are spelt incorrectly
  • The link(s) in the email do not match the URL it redirects to
  • The URL does not match the company website or is not using SSL Encryption, e.g. https://

Meltdown & Spectre

By | Security News | No Comments

Meltdown and Spectre
Over the past week the IT community has been working hard to mitigate two widespread vulnerabilities, Meltdown and Spectre, identified by researchers.  These vulnerabilities are notable for the widespread and near universal impact on devices with processors, resulting in a significant number of patches being released and planned.  CCL has taken the necessary steps to secure our shared infrastructure platforms and we are actively assisting clients with advice and services to secure on-premise and cloud based environments.

We recommend that all clients assess and protect their environments against these vulnerabilities and ensure that systems are bought up to date and secured.  Care should be taken to follow patching instructions, as outages have occurred as a result of not following the prescribed steps.  Finally, Microsoft and other vendors have identified that some performance impact should be anticipated for certain workloads – estimates range from 5-30% decline in performance – older devices are more likely to be effected.

CCL IaaS platforms
CCL is programmatically addressing the identified vulnerabilities at the hardware and hypervisor levels.  Clients are responsible for patching their Operating Systems and applications residing on the platform unless these are managed by CCL.

Additional information will be provided through standard change control notifications or directly from your CRM.

Public Cloud platforms
All major public cloud providers have actively patched their environments and have taken steps to protect workloads. Similar to CCL, further patching may occur and we recommend monitoring each providers advisories.

Client dedicated virtual platforms, on-premise private cloud
For dedicated virtualisation platforms running earlier versions of VMware ESXi (ESXi 5.x) we are recommending a migration to ESXi 6.x, then patching to secure the hypervisor.  Patching is also required at the hardware firmware layer (microcode), operating system and application level in addition to the Hypervisor.  VMware has provided patches for ESXi which include microcode updates for popular CPUs.  vCenter patches are required and Virtual Hardware Version and VMware tools updates may also be necessary.  Outages will be required to complete patching including power cycling VM guest machines and guest OS server reboots.

Clients running Microsoft Hyper-V will need to apply updates at both the host and guest level.

On-premise infrastructure
Servers, desktops, and mobile phones are all impacted by these vulnerabilities and associated security patches are being released.  Patching will impact some workloads and performance may degrade as a result.  CCL recommends that clients follow standard patching processes including appropriate testing before release of patches to production systems.

Please note that anti-virus patches / registry key changes are required before the Microsoft patch can be successfully applied.  For CCL managed AV / Endpoint Security clients, the registry key has been deployed.

Patching will need to occur at a hardware firmware layer, operating system and application level in addition to the Hypervisor across multiple platforms to provide comprehensive protection against these vulnerabilities.  CCL has developed a guide for our engineering team to provide a best practice approach to managing the patching for Meltdown and Spectre.

If you would like more information or would like to discuss the potential performance impact to your workloads, then please contact support@concepts.co.nz or 0800 225 468

Additional information
The official Graz University of Technology research site containing information about the vulnerabilities and major vendor responses:

https://meltdownattack.com/

Additional vendor information:

https://kb.vmware.com/s/article/52245
https://support.microsoft.com/en-us/help/4073757/protect-your-devices-against-spectre-meltdown

Browser protections:

https://www.chromium.org/Home/chromium-security/ssca
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
https://blogs.windows.com/msedgedev/2018/01/03/speculative-execution-mitigations-microsoft-edge-internet-explorer/

Performance impacts:

https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/
https://access.redhat.com/articles/3307751

Please contact CCL if you have any questions or concerns.

CCL wins at the 2017 Resellers News Awards

By | General News | No Comments

CCL’s passion for client outcomes was rewarded this week with multiple honours in the 2017 Reseller News ICT Industry awards.  Now in their 3rd year, the awards recognise local talent across New Zealand in the IT sector.

CCL was named as the winner of two key awards.  The Mid-market Partner of the Year award which recognises a company doing a superb job of servicing customers in the 100-1000 seat market.

And the Sales Excellence award was won by Sanjeet Bal, Customer Relationship Manager based in CCL’s Wellington office.  This award is validation of Sanjeet’s passion and drive for client outcomes.

The Network Services team was highly commended for the Service Provider award and CEO, Andrew Allan was inducted into the Reseller News Hall of Fame for his contribution and support of the IT industry.

“These awards are very humbling for CCL and I am so very proud of the whole CCL team, who have provided the foundation over many years for our ongoing success.” says Darryl Swann, Founding Director of CCL. “None of this would be possible without the deep knowledge, expertise and will power our team brings to the table, every day.”

“We are delighted to have been recognised as winners at this year’s Reseller News Awards and believe this is due to the quality and breadth of the work we do, said Andrew Allan.  “These awards acknowledge the effective collaboration between our team, our clients and the right solutions.”

CCL celebrated their wins in front of almost 300 ICT industry leaders who gathered in Auckland to celebrate the 2017 Reseller News ICT Industry Awards.

Happy Holidays from CCL!

By | General News | No Comments

To all of our clients, suppliers, staff and families – with a fabulous 2016 almost behind us we would like to thank you for your support this year.  We couldn’t do what we do without you.  This is the time of year where we reflect not just on what we have achieved, but also on those surrounding us that enabled us to achieve.  Thanks for joining us on the journey.

Our “CCL Santa Squads” around the country have been in full force this month.  Each branch has selected a charity they wanted to support and staff brought in gifts to help those in need this Christmas.  We have been very humbled by the overwhelming generosity shown by our staff.

We can’t wait to kick off the New Year, but until then, have a very Merry Christmas and a happy and safe holiday.

From all the CCL team