[South Africa] BCX fully acquires software firm DotCom Software Projects to push cloud adoption

BCX, one of Africa’s largest systems integrators and digital transformation partners, has acquired 100% of the shares in DotCom Software Projects  (“DotCom”).

The acquisition will see BCX enrich its cloud services and provide greater value to its clients across key verticals.

“With greater access to on-demand computing power, highly scalable platforms and more flexible ap-proaches to IT spending, cloud computing has gone from an emerging technology to an indispensable business resource, ”said Jan Bouwer, Chief of Digital Platform Solutions at BCX. 

BCX has, over the past year, increased its focus on Cloud Computing with its cloud-agnostic strategy, having recently announced an exclusive rights deal with Alibaba Cloud, one of the largest cloud players globally. The acquisition of DotCom brings this strategy to life by providing greater choice, diversity, and value to its clients. DotCom was founded in 2012 and has become a significant player in digital transformation, specialising in cloud solutions and as a trusted Microsoft Azure Gold partner.

“As a Cloud Solutions Provider, DotCom adds to our own cloud capabilities, specifically with regards to Microsoft Azure, which further drives our cloud agnostic strategy”, said Bouwer.

“BCX is also aggressively growing its capabilities to create a more balanced product portfolio for growth. The acquisition of DotCom combined with existing capabilities at BCX will create a power-house in the cloud space. I am confident that welcoming DotCom into the BCX family will not only bolster our capabilities but will create further opportunities to grow our product portfolio in the future”, adds Jonas Bogoshi, CEO at BCX. DotCom delivers cloud computing-based services and solutions including Cloud software solutions, Cloud Managed Services and Cloud Advisory and Consulting services to companies migrating to cloud computing. Within eleven years, the company has built up a significant client base drawn from a range of industries, including the financial and insurance sectors.

“BCX and DotCom are a natural fit. I think we complement one another and share the same commitment of helping our clients make the transition to secure cloud in a way that strengthens their business and accelerates their growth,” JC van den Heever, CEO of DotCom said. “The cloud computing market continues to grow rapidly as companies move from on-premises solutions to cloud-based systems. Trends emerging suggest that companies will continue to adopt new deployment models, such as edge and cloud-native applications, to shifts in operating models, to remote and virtual desktops. I believe that together we can transition our clients seamlessly through these developments,” adds van den Heever.

The future of cloud computing is increased adoption and discovering new ways to use systems and in-formation in the cloud to drive insights and operational efficiencies. More and more businesses are investing in a hybrid approach that mixes on-premises and cloud-based systems, and the market as a whole is moving towards greater reliance on subscription-based software, infrastructure, and man-aged cloud services. This acquisition marks a significant milestone for both companies, who are ambitious about bringing the business benefits of this investment and greater innovation in cloud computing to their clients.

www.bcx.co.za

[Column] Marilyn Moodley: Cloud Security – Whose fault is it?

At least 95% of cloud security failures in the next three years will be the customer’s fault, according to Gartner. Unsurprisingly, the biggest threat to security is people. Misconfiguration mistakes escalated from 15% of exploitable errors in 2018 to more than 40% in 2021 and human error is now the third most common cause of security breaches, ahead of malware and right up there with social engineering and hacking. Complacency about cloud security is a major contributing factor, but this needs to change. Most cloud services operate under a shared responsibility model in which providers secure the infrastructure, while customers are required to lock down the software stack and applications. In other words, responsibility for patching vulnerabilities and controlling access to cloud accounts still lies with the user.

What does this mean? Organisations need to remain vigilant, ensuring that they take the necessary steps and precautions to secure their data and identities if they’re to avoid becoming an unfortunate statistic with no one to blame but themselves.

Identify, verify, control

No matter the deployment model, sufficient controls are required to govern access and usage. With such a variety of effective Identity and Access Control service providers available today, there is little excuse for businesses not to have these measures in place. Authentication and access control requires users to verify their identity, and secures their access to resources across cloud, SaaS, on-prem and APIs, while increasing speed, agility, and efficiency.

Such IAM solutions make it straightforward to provide the means for customers, employees and partners to all have secure access to the necessary resources. By using identity verification and access control services located in the cloud, the limitations and costs associated with on-premises IAM can be replaced by a more flexible, scalable solution. Cloud IAM is key to ensuring security outside of network perimeters and capabilities include authentication, access management, identity verification, consent collection, risk management and API security.

Access control to the cloud should be regulated through the creation of centralised rules and policies to streamline processes. The use of Multi-Factor Authentication (MFA) is critical to ensure the correct identification of individuals trying to access networked resources, while Privileged Access Management (PAM) tools enforce control over sensitive components and applications in the environment.  These tools form part of a larger cloud security picture that includes details such as a zero trust framework, bolstered with cybersecurity mesh, and reinforced with Secure Access Service Edge (SASE).

Zero trust: never trust, always verify

Zero trust is a framework for securing organisations in cloud and mobile spaces by insisting that no user or application be trusted by default. It enables least-privileged access, establishes trust based on context which is informed by user identity and location, endpoint security posture as well as the app or service being requested, while performing necessary policy checks at each step. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyber threat defense.

SASE: borderless security

Secure access service edge (SASE) is a framework for network architecture that brings cloud native security technologies together with wide area network (WAN) capabilities to securely connect users, systems, and endpoints to applications and services anywhere. This ensures that data and traffic is secured, no matter where it travels.

Cybersecurity MESH: closing the gaps

Gartner describes cybersecurity mesh as “a flexible, composable architecture that integrates widely distributed and disparate security services”. Concerned with strengthening digital security while bringing tools closer to the assets they’re designed to defend, a cybersecurity mesh architecture (CSMA) encourages organisations to deploy solutions that fit their specific needs by working within their integrated ecosystems. This enables businesses to share cybersecurity intelligence, automate and coordinate responses to threats, and simplify their security operations. CSMA offers a distributed identity fabric that helps establish trusted access across all applications, customers, partners, and workforces.

Achieving visibility and developing security skill sets

Visibility in cloud security means eliminating blind spots that can result in overspending, performance inefficiencies and security complications. This is done through service-centric or role-centric tools, rather than host-centric tools to manage networks. If it is not possible to hire the necessary competencies, organisations will have to develop them. Many vendors offer online resources to help technologists learn the skills they need to become cloud security engineers. In addition to an increase in the need to cultivate the necessary skills, there will be an increase in demand for technologists that have the DevOps skills necessary to align business workloads with the cloud.  Upskilling will also be critical to bridging the skills gap which includes training business teams on how to use cloud tools.

Owning security responsibility

Accordingly, it’s important for businesses to remember that even when they’re purchasing infrastructure, software or functionality as a service, they’re not outsourcing total responsibility for security. This will continue to be a shared responsibility, because it is unlikely that service providers would willingly take on the possibility of being liable for human action or error beyond their control. As such, organisations will need to prioritise the acquisition of or the development of necessary security-minded skills in order to protect their digital assets from cyber harm.

Marilyn Moodley is the South African Country Leader for SoftwareONE.

How the biggest international cloud trends impact Africa

The latter half of 2022 was characterised by significant instabilities in the tech industry. E-retailer and cloud giant Amazon announced that it would cut tens of thousands of jobs, social media behemoths Twitter and Meta laid off significant percentages of their workforce, and even Microsoft saw its slowest revenue growth in five years.

“There’s chaos in the industry internationally,” says Andrew Cruise, Managing Director of Routed, a local cloud platform provider and VMware specialist. “The war in Ukraine has kicked off a period of great uncertainty that’s affected global inflation, exchange rates, and general risk appetite. This follows the boom during the early months of the pandemic, when the tech industry saw such growth that many companies made significant investments in new assets, infrastructure, and expertise. Now that growth has slowed, they’re faced with two options: sit tight and wait it out, or shrink. 

When it comes to cloud, specifically, the euphoria around hyperscale cloud (from providers like Amazon, Azure, and more) has also waned, adds Benjamin Coetzer, Director at Routed. “Firstly, enterprises are realising that hyperscale cloud is better suited to development and not everyday business. Secondly, they’re starting to scrutinise their mounting bills, which have grown significantly as their cloud needs have become more complicated and sprawled.” 

Interestingly, things look a bit different in Africa. Hyperscalers like Azure and AWS only started arriving in South Africa in recent years, while Google, Alibaba and BCX just announced their arrival. “It surprised me to see how many hyperscalers decided to set up shop in South Africa almost overnight, as well as how many datacentre companies and IT players have started investing in Africa as a whole,” adds Coetzer.

However, the current economic climate and insufficient infrastructure across the continent warrant some caution: “There is big demand in South Africa, there is big money in South Africa, and there is good infrastructure in South Africa. But when it comes to cloud, I always say the one non-negotiable precondition to move into enterprise cloud (or for enterprise applications to move into the cloud) is fast, reliable, cheap internet. Only fibre sufficiently provides that, and only in South Africa. In Botswana, Mozambique, Zambia, Kenya and Nigeria fibre penetration is low and it is still extremely expensive at low speeds. No-one else in sub-Saharan Africa has got the precondition for enterprise cloud to be successful. And yet, we’re still seeing demand from people. And I think the demand is misplaced for the moment,” says Cruise.

Worryingly, some hyperscale resellers aren’t giving potential clients the full story – or perhaps they aren’t aware of the conditions on the ground. “They’re delivering the same message in Africa as in the rest of the world, not understanding that Africa can’t deliver on that until local infrastructure improves. South Africa is five years behind the West, and some other countries in Africa are five, if not ten, years behind South Africa. Sure, you can eventually back up your data with an internet connection speed of five megabits per second – but what happens when you need to recover it?”

And then there are the costs to consider. “I think people are going to be surprised by the price increases from AWS, Azure, Google and the like over the next year. Experts in the West are predicting major increases – and that doesn’t even factor in the weak rand.”

Coetzer adds: “Those who don’t need the bells and whistles that developers use and opt for an enterprise cloud will now start seeing significantly more value for their money as that gap increases. Routed’s pricing, for example, has come down in the six years since the company started, while hyperscalers’ prices have kept climbing.

Cruise concludes “I’m hoping that allows people to make better decisions going forward. Many think that IT and cloud is exciting and cutting edge, but what most people really want from the cloud, really need, is for it to be boring. It has to work, all the time, no surprises. And that’s what enterprise cloud does really well. This coming year will bring more of the same, and there isn’t a problem with that.”

www.routed.co.za