Category Archives: Editorial

Business, Editorial

Creating Teams That Keep Tech Companies Ahead of the Curve – A Sit Down with Suthen Thomas Paradatheth, Chief Technology Officer at Grab

Leave a comment

Grab’s humble roots as a Malaysian-born start-up are often ignored as the company has moved its headquarters over to Singapore, a country that was, at a time, more receptive to disruptors and unicorns. However, Malaysia’s talent still plays a vital role in the organisation as the company continues to host some of its core talent in Malaysia like its technical team – one which the company is currently expanding.

Suthen Thomas Paradatheth CTO Grab Tech in Asia
Source: Tech in Asia

That said, the company’s Chief Technology Officer, Suthen Thomas Paradatheth, continues to lead the expanding technical and programming teams. Suthen is a Malaysian, born and bred. He hails from Kuala Lumpur – Petaling Jaya more specifically – and has had most of his education locally in institutions like Sekolah Menengah Seaport (now known as Sekolah Menengah Sri Permata). Suthen earned his Bachelor’s Degree in Software Engineering with First Class Honours from Multimedia University in 2005. Programming seems to be innate with Suthen having worked as a freelancer since his high school days.

After university, a series of fortunate events and good networking found him working on Grab’s codebase. He’s been with the company since its early days in 2011; Back then, it was still MyTeksi. Since then, Suthen has earned his Masters in Public Policy from the Harvard Kennedy School and continues to be the man behind (most) of the code and features that make their way into the Grab app.

But – we’re not here to talk just about his achievements, we’re here to talk about the tech he’s worked on and some of the methods of his madness. It’s worth noting though, that even with his impressive resume and experience – particularly with Grab – Suthen remains extremely humble and approachable.

Passion Driven, Curiosity Fuelled

Heading Grab’s Technology and Programming is no small task. From its early days, the task of building the Grab Superapp has been monumental. It involved significant changes to the codebase, deciding which language to use and even creating new approaches. The task – which at one point was outsourced to programmers in India – is now handled by a team of about 2000 employees and headed by Suthen.

Suthen Thomas Paradatheth CTO Grab Headshot
Source: Grab

“Software engineering is, like, the closest thing to magic in the real world. Like, you put a certain set of words on a screen in a certain way and something happens…it’s the closest thing to a spell in reality.”

Suthen Thomas Paradatheth,
Chief Technology Officer at Grab

Suthen’s take on building a capable team is a rather unique one. In fact, his approach to working as the CTO is unique in itself. His approach is a very altruistic one mired in the belief that Grab as a platform is impacting lives significantly. This belief paired with an insatiable curiosity and passion for coding has led to his growth over the years and his ability to manage a large, growing team. This same passion and drive is what he looks for in his team members.

The ethos even rings true when the team deploys new features and services into the app. Key tenets like “How will users benefit from it?” and “Will it make a significant difference?” are big drivers to why we continue to willingly accept the big changes we see in the Grab app.

Empowering Independence and Diversity at Every Level

The technical team at Grab isn’t a small one and – like the super app – it’s not monolithic either. The 2,000-strong team is siloed into “Tech Families” a concept built on the similar “Tribes” or “Squads” model.  Each of these families is focused on one of the more technical aspects of the app’s many services and functions. But more importantly, the teams are made of diverse talents that complement their functions and reduce dependence on other teams. These teams aren’t just made up of software engineers, they could have people skilled in data and analytics, designers and even communicators if the team’s functions need it. They’re cross-functional and allow teams to work independently and innovate freely.

The biggest component to the success of Grab’s approach isn’t just the diversity of talent and skills in each team – it’s trust. Suthen has an approach where he trusts the teams and their team leads. He communicates with the leads and trusts them to solve and address the concerns of their own team members. In his own words, “…my job is actually to create coherence, connectivity between the layers.”

Using the Right Technology to Go Places

The same approach to creating coherence also trickles down to tech adoption as well. Grab isn’t behind the curve when it comes to new technologies. In fact, they’ve recently announced a partnership with Open AI to adopt some of the many Generative AI technologies that come with Open AI’s ChatGPT. However, Grab isn’t just about adopting the newest, hottest thing on the market. The decision to adopt new technologies is driven by how the new technology addresses the needs of the organization. In fact, if there isn’t a solution on the market, the teams at Grab will create their own.

Not many people know this, but Grab has actually developed its own mapping system and doesn’t use third-party map providers like Google Maps. This change was driven by the fact that a lot of third-party mapping, didn’t serve the needs of Grab’s ride partners and users. This was particularly true in markets where GrabBike is more prevalent. To address the needs of ride partners and users, Grab actually looked to their ride partners to map lesser-known roads and pathways. Using AI and a simple action camera, Grab has created its own mapping platform that allows it to be more accurate and serve ride partners better.

However, being a technology company, the teams at Grab are continually innovating. In fact, the teams are continually trying to stay ahead of the curve by identifying and addressing new needs or existing ones that new technologies can address. Leadership, like Suthen, continually push for this innovation and also hire for it. More importantly, leadership should invest in its own people to drive innovation.

Creating Efficiency & Reliability from the Ground Up

Innovation isn’t about throwing something to the wall and seeing what sticks. It’s about creating answers to problems that arise or creating better ones to existing problems. Similarly, at Grab, the approach that Suthen and the tech teams adopt is one that creates efficiency. This efficiency doesn’t just mean it’s efficient in code – whatever they do has to create efficiency when it comes to the day-to-day of Grab’s operations and this includes the efficiency of ride partners.

Suthen Thomas Paradatheth CTO Grab Headshot
Source: Grab Holdings

“Running a good marketplace is also running an environmentally friendly sustainable marketplace.”

Suthen Thomas Paradatheth,
Chief Technology Officer at Grab

We’ve seen GrabShare come and go and return to the platform. This is due to Grab testing out more efficient and functional ways to implement it. Let’s be honest, having a single passenger in the ride can be a tad wasteful when it comes to resources, so with GrabShare, where available, the driver earns more while being more efficient with the petrol the cars utilise. With ESG goals playing an increasingly important role in companies, this approach literally builds these goals into the code.

Even when it comes to the adoption of AI and new technologies, Suthen and his team are looking at how it impacts day-to-day functions. One of the pain points they hope to resolve is the waiting time for riders when it comes to food deliveries. Minimising this would not only mean that delivery partners are more efficient with their time, it would also mean that they are able to earn more. This would also help drive more efficiency with the fuel that is being used.

Of course, when it comes to ride-hailing, Grab is looking into EVs and hybrids that allow them to be more environmentally friendly. In fact, they’ve already started offering GrabGreen in other markets.

Creating a Sustainable, Passionate Team Starts with the Top

The one thing that rang true in our sit down with Suthen is this: the culture and workspace environment start very much with the top. The right approach, empowering your teams, creating independence, and prioritising your innovations will drive your teams to increase productivity and even retain your customers.

Overall, key takeaways for disruptors and even CTOs looking to create a team that is innovation-driven is this:

  1. Trust is key when you build your team.
  2. Create teams that are self-sufficient and reduce dependencies to keep them agile.
  3. Innovate efficiently and keep your company’s values as a driving force.
Editorial

Interview: Password Hygiene & Staying Secure with Trend Micro

Leave a comment

This is a transcribed interview with Sage Khor, Presale Technical Manager at Trend Micro. It is intended as a companion to our editorial “How Your Bad Password Hygiene is Putting Everything At Risk At Home and At Work“.

Password Hygiene has become an increasingly popular topic among cybersecurity experts and IT managers especially in light of the marked increase of data breaches occurring on a daily basis. We spoke to Sage Khor, the Presales Technical Manager at Trend Micro to better understand password hygiene and its impact on personal and organisational data security.

Trend Micro Sage Profile Pic 07052024

SAGE KHOR

PRESALES TECHNICAL MANAGER,
TREND MICRO MALAYSIA

With more than 15 years in IT as a solution consultant and architect, Sage Khor has diverse experience in IT Infrastructure, Cloud & virtualization, and information and data security. He specialises in cloud and virtualization security and has in-depth knowledge of cyber security. He also has experience dealing with diverse customer environments ranging from various industries such as FSI, oil and gas, telco, conglomerates, real estate& more.

Q: “Password hygiene” seems to be a new concept when it comes to keeping safe on the internet. What is it and how does it help in staying secure online?

Sage Khor: Password hygiene refers to best practices and habits individuals and organizations should adopt to maintain strong and secure passwords. Maintaining good password hygiene is essential to online safety. It encompasses aspects such as password creation, account variation, refraining from sharing passwords, and implementing multi-factor authentication (MFA).

Q: We’ve had guidelines and best practices that ask us to change our passwords every so often. It’s easy to enforce this at an organizational level, but how about when it comes to our personal passwords?

Sage Khor: There are several ways how individuals can practice good password hygiene:

  • Create long passwords. It is recommended to create a password that is longer than 6 alphabets.
  • Create strong passwords by using a mix of uppercase and lowercase letters, numbers, and symbols, and avoid personal information (birthdays, addresses), and simple patterns.
  • Create unique passwords for each account.
  • Enable Multi-Factor Authentication (MFA) as it adds an extra layer of security by requiring a second verification step beyond an individual’s password.
  • Do not recycle passwords for multiple accounts.

Safeguarding data from cyber threats can also be done with the help of a security platform like Trend Micro’s ID Protection which helps secure personal information from identity theft, fraud, and unauthorized access.

Q: What is good “password hygiene”?

Sage Khor: The first line of protection against hackers is a strong and secure password as hackers will find it more difficult to decipher longer, more complicated passwords.

Weak passwords can be easily predicted. Avoid using the same or simple passwords like birthdays or dictionary words for multiple social media accounts or other internet accounts.

Password Login page AI Generated Image with Copilot
Image Generated with Microsoft Copilot

Enable two-factor authentication (2FA) on all internet accounts. Adding an extra layer of security to authentication makes it far safer than using just one factor.

Verify the privacy and security settings on internet accounts. Though they enable a degree of security for both users and the companies, the default settings that platforms set up are designed to enable the collection of pertinent market data from their users.

Another method of ensuring password hygiene is by utilizing a password manager to help you create, save, manage and use passwords across different online services. When you have to keep track of so many online accounts, a password manager is the best way to encrypt and store your passwords safely. However, it is also important to be vigilant when deciding on a password manager. The most reliable password managers will use industry-standard encryption methods and can keep your accounts safe from hacking. But good cyber hygiene practices will still come to play if you want to ensure your computer is free from malware and safe from hackers. One other aspect to consider is also taking steps to be aware of common social engineering tactics that can deceive users into divulging their master passwords.

Q: Is there a way for us to have password hygiene on an individual basis?

Sage Khor: Practising good password hygiene is vital to ensure that all accounts remain safe. Thus, it is important to be aware of the necessary steps you can take to create a strong and safe password. By introducing a higher level of complexity to your password, you can lower the chances of being hacked or having your accounts compromised.

When creating a strong password, refrain from using predictable letters or numbers in sequence (e.g qwerty, abcde, 12345) but instead combine letters, numbers, and symbols to form a password of at least eight characters. Similarly, you should always avoid creating passwords that include any easily found personal information. Most importantly, stop reusing passwords on all your accounts or have similar passwords across different accounts. Creating complex and varied passwords is ultimately one of the more important steps when it comes to password hygiene.

Q: How about when it comes to organizations?

Sage Khor: Password hygiene is crucial for organizations to protect themselves from data breaches and unauthorized access. Similar to how you should apply the best password hygiene practices in your personal accounts, it is important for organizations to also ensure the right structure and policies are in place.

Pile of Folders
Photo by Pixabay

Put in place complex passwords. While this may seem like a given, it may come as a surprise that many today still enforce popular passwords that are hackable. In the same way, you would create complex passwords for individual accounts, you will want to ensure the strength of passwords in your organization through the creation of long passphrases (at least 12 characters) instead of short passwords. Passphrases are easier to remember and more secure than single words. With proper IT policies in place, there should also be enforcement and systems that disallow the reuse of passwords.

Organizations should be using Multi-Factor Authentication (MFA) as it adds an extra layer of security by requiring a second factor, like a code from a phone app, to access accounts in addition to the password. Enforce two-factor or MFA for online banking/transactions and log-ins into key online portals/systems.

Practice the 3-2-1 backup rule. If a data breach occurs, it is critical to maintain at least three copies of company data in two different formats, with one air-gapped copy located off-site. 

Lastly, awareness training programmes should be established to help educate employees on password hygiene best practices and prevent cases.

Q: We’ve talked about password hygiene quite extensively. How does this factor into basic cybersecurity? Can we make things simpler to implement and keep up with?

Sage Khor: Password hygiene is a key component of every cybersecurity strategy that serves as a fundamental defence against unauthorized access, data breaches, and identity theft. Begin adopting a zero-trust mindset and framework by continuously verifying identities. Through this, organizations can enhance their cybersecurity posture by focusing on continuous verification of access and authentication, thereby reducing the risk of data breaches.

To make password hygiene easier to implement and maintain, organizations and individuals can adopt password management tools that streamline the process of creating, storing, and updating passwords. Additionally, providing education and training on password best practices can help raise awareness and encourage users to prioritize strong password hygiene.

Q: In the worst-case scenario, if an individual’s password is compromised, what can he/she do? How do we prevent data from being compromised?

Sage Khor: There are various steps that can and should be taken to address this. The most immediate step you should take is to change the password that has been compromised. You can create secure passwords using a password manager that allows users to generate unique and strong passwords for each account. Additionally, set up an MFA which requires additional verification methods beyond just passwords. Began monitoring all account activities for suspicious behaviour or any breach of access.

Close-up Photo of Guy Fawkes Mask
Photo by NEOSiAM 2024+

Q: What about organizations?

Sage Khor: Going back to how password hygiene is crucial for organizations, it is important to note that unauthorized access to sensitive data can result in financial losses, reputational damage, and legal consequences. To prevent this, organizations should take the necessary steps to implement MFA and conduct regular software updates to protect organizations from known vulnerabilities that attackers might exploit. Organizations should be proactive in using the available tools such as password managers paired with the right training for employees to protect their data.

Implementing a zero trust security model will also be an essential step for the prevention of future cybersecurity breaches. By viewing every access request as a possible danger, this strategy will help enhance an organization’s cybersecurity posture and proactively meet regulatory and compliance requirements.

Q: How do multi-factor authentication (MFA) methods affect password hygiene? Can we rely more on MFA methods instead of changing passwords? How secure is MFA?

Sage Khor: Multi-factor authentication (MFA) methods enhance password hygiene by adding an extra layer of security, reducing the risk of cyber-attacks and unauthorized access. MFA requires users to provide multiple authentication factors, making it more challenging for cybercriminals to compromise accounts solely through passwords.

While MFA is not completely foolproof, it is considered one of the more reliable measures as it can be combined or implemented with single sign-on (SSO) and passwordless login options to reduce the efforts of users, while also increasing the efficiency and management of users and businesses.

Q: Google, Apple and Microsoft are talking about a future that relies less on passwords and more on things like biometrics or “passkeys”. What is Trend Micro’s take on this?

Sage Khor: Trend Micro emphasizes the importance of strong passwords, MFAs, and restricting access to only corporate networks. These recommendations align with the concept of biometrics and passkeys, which can provide stronger security measures compared to traditional passwords.

ed hardie RMIsZlv8qv4 unsplash
Photo by Ed Hardie on Unsplash

Unlike passwords, passkeys are not susceptible to phishing attacks or theft because the private key never leaves your device.

Passkey offers enhanced security by providing digital keys that are highly resistant to phishing and brutal force attacks, effortless logins through secure storage on a device for easy access with a tap or PIN, and seamless cross-device functionality for a hassle-free user experience.

Q: Will having alternatives like biometrics and “passkeys” make it harder to get compromised online? Does it bring a better level of cyber resilience to organizations?

Sage Khor: Having alternatives like biometrics and “passkeys” can indeed make it harder to get compromised online, enhancing cyber resilience for organizations. Biometrics, such as fingerprint scans and facial recognition, offer more secure authentication methods that are difficult to replicate, reducing the risk of unauthorized access. “Passkeys” meanwhile eliminate the need for traditional passwords, simplifying the login process and enhancing security by using alternative means of authentication.

Through this organizations can significantly improve their cybersecurity posture, making it more challenging for cybercriminals to compromise accounts and systems. Biometrics and “passkeys” provide a higher level of security and resilience, helping organizations protect sensitive data and mitigate the risks associated with traditional password-based authentication methods.

    Business, Editorial

    How Your Bad Password Hygiene Can Put Everything At Risk at Home and at Work

    Leave a comment

    Another day, another email from IT telling you to change or update your passwords. We’ve all been there, opening emails and sighing at that reminder. However, did you stop to think what could be at risk when you don’t update your passwords across the board? What could the harm with just one password not being updated?

    Password screen AI generated image

    Understanding Passwords, Password Hygiene and Multifactor Authentication

    Well, like Julie Andrews once sang – Let’s start at the very beginning, a very good place to start. What exactly are passwords in our current, digital, always connected society? If your data and accounts were your home, your password would be your master key. The one thing giving you access to everything. Of course, we technically don’t need to talk about it in this anecdotal way cause, everyone knows what passwords are. But, humour me as we break down the issue.

    Knowing that your password is a master key, how would you make sure that things are always secure? You would keep it physically near you. Maybe clean it or make sure the key’s groves are still properly functioning. Similarly, password hygiene is simply the basics of creating a secure master key. There are certain characteristics that make it secure and hard to duplicate.

    Brass Ornate Vintage Key on Black Computer Keyboard
    Photo by Pixabay

    Firstly, it must be unique. The same applies to passwords – your passwords should be unique. Something that only you can figure out. Secondly, it has to be complex, the grooves of the key must be hard to reproduce. When it comes to passwords, this is done in two ways: with the length of the password and the use of special characters. Experts recommend that passwords should be longer than 6 characters and contain a mix of upper-case characters, lower case characters, numbers and special characters. In addition, it should ideally not be birthdates, social security numbers or simple patterns.

    Now that you’ve got a secure key for your main door. Maybe we should add another layer of security considering everything you own is within this home. Let’s include a way to confirm that it’s really you opening the door. Maybe, we’ll use a voice authenticator. The addition of this second layer of security is exactly what multifactor authentication is. Essentially, it is there to ensure that it is you that is accessing your home. This has become a mainstay now with services like Google, Amazon and even Facebook requiring you to activate MFA. These are arguably, the very basics of keeping your data and digital self-safe.

    Bad Passwords Puts Everyone at Risk

    Now that we’ve covered the basics, let’s scale this up. Now think of a neighbourhood of homes. This is – perhaps – your family home. Each of your homes are interconnected with a powerline, a water source and more. However, each of these accesses are protected by the same protections that protect your mansion. More importantly, your homes are located within a gated community. This gated community is your home network. Ideally, there should be two access points to this community, one which gives you access to everything in the gated community and one that limited access. These access points are your WiFi passwords. In most cases, we tend to have two: one for your home devices and your guest password. Since we’ve established what a good password is, it should come as no surprise that the same rules of password hygiene apply even to these.

    Crop hacker typing on laptop with information on screen
    Photo by Sora Shimazaki

    However, let’s think for a second about what happens if one of our access point has a weak password. It is very common for us to setup good home network passwords, but keep our guest passwords simple – cause who needs the hassle of trying to communicate complex passwords. Well, that would be, in this anecdote’s case, like putting a security guard who is blind at the guardhouse that provides guests access to the neighbourhood. While it is still secure, it’s not secure enough. Similarly, when we use weak passwords or repeated passwords, we’re doing the same to our data. Imagine what could happen now to all the homes in the neighbourhood because of that ONE vulnerability. You can have malicious actors enter the neighbourhood and snoop around.

    Trend Micro Sage Profile Pic 07052024 1 1

    “… password hygiene is crucial for organizations, it is important to note that unauthorized access to sensitive data can result in financial losses, reputational damage, and legal consequences. To prevent this, organizations should take the necessary steps to implement MFA and conduct regular software updates to protect organizations from known vulnerabilities that attackers might exploit. Organizations should be proactive in using the available tools such as password managers paired with the right training for employees to protect their data..”

    Sage Khor, Presales Technical Manager, Trend Micro

    In the case of passwords, one weak password could put everyone at risk. Remember earlier, how we said that each home is connected with an electric line, water line and more? Well, similarly, each device on your network – be it at home or at work – is connected in some way. Having a weak password is like having a thin wooden door with a flimsy lock. These malicious actors would be able to just bring down the door and access everything in your house and potentially make their way to other homes.

    Keeping Things Secure Beyond Your Password

    Hopefully, the anecdote helps clarify how passwords are essentially the first step to creating a secure environment both at work and at home. However, sometimes, passwords are not enough. While they provide some security, we have had to build on the foundations that were provided by passwords. This is especially true in recent years with malicious actors using more sophisticated attacks that require us to be more vigilant.

    ed hardie RMIsZlv8qv4 unsplash
    Photo by Ed Hardie on Unsplash

    One of the most common way that has emerged to help secure our data is multifactor authentication (MFA). A good example of this is Google’s implementation where we need to click a prompt on our smartphones to prove your identity when accessing your Google account. This extra level of security makes it even harder for malicious actors to access your data. Another common MFA method is the use of authenticators which generate a random number that is used to unlock your accounts in addition to your password.

    In addition to this, we have to – unfortunately – be more vigilant with our online interactions. Like the popular phrase in Game of Thrones, the internet “is dark and full of terrors”. Password hygiene is only one step we can take to protect ourselves on the internet. Having proper cyber security solutions such as the solution that Trend Micro offers will offer even better protection. For organizations, this may include the adoption of Zero Trust security models that will provide even better protection against compromise.

    Editorial, Feature

    Making Digital Safe for Kids – The Big Challenge of Marrying Features and Safety

    Leave a comment

    There’s no denying that our world is becoming increasingly digital. We have graduated from writing letters and licking envelopes to writing short messages and video calls. What’s more, we have TV shows that we can watch on demand rather than wait for a scheduled time of day. But, we’ve never thought of how our children will redefine what it means to be digital natives.

    pexels rethaferguson 3825569
    Photo by RF._.studio on Pexels

    Once upon a time, it was cool to be that generation who grew up with iPads, iPhones, laptops and more. However, now, after years of academic fear-mongering and negativity, we find ourselves at a crossroads of understanding how these gadgets can be more than just causes for concern, but also tools for learning and channelling the creative curiosity that is so innate in children. We are now looking for ways to make sure our children are ahead of the curve with an inherent curiosity and understanding of technology and gadgets.

    However, with all the options available from iPads to Samsung tablets, parents are either at a loss on how to cater for children with gadgets or they are simply overwhelmed by the choices. Then, you have emerging companies like myFirst that are looking at creating gadgets specifically for children with inherent features and guard rails so parents. It’s an emerging niche in tech that we love to call kiddie tech.

    Feature-rich Gadgets that are Inherently Safe for Kids

    Kiddie tech isn’t as childish as the moniker may allude to. Instead, companies like myFirst are looking to create child-safe devices that address both the child’s needs and parental concerns. However, they are not in the business of dumbing down tech for kids either. Instead, the products being developed for children are very much up-to-date devices with all the bells and whistles we’d expect to see in a regular tablet or smartwatch.

    myFirst new product collection

    Take, for instance, the myFirst Camera lineup. This lineup of cameras allows kids to explore and express themselves through the camera lens. What’s more, it’s not a make-believe camera – no – it’s a fully functional digital camera that children can use with an SD card to capture what they see. Yes, it’s a digital camera, something we adults have left in the past. However, with devices like the myFirst Camera, parents are allowed a small window into their children’s point of view as they capture what is most important to them. Paired with items like the myFirst Frame Live, these perspectives can be shared with loved ones beyond just the nuclear family.

    G Jay Yong myFirst
    Source: myFirst

    “Kids also just want to have fun. For our wearable smartphones (WatchPhones), it would have been too easy to include games to keep the kids entertained, but we don’t have games in our watches because we want kids to be able to focus on the fun element of being social with communication, not glued to a screen on games all day.”

    G-Jay Yong, Founder of MyFirst

    These fully functional devices not only allow us to interact more meaningfully with kids, it also allow the children to become familiar with technology in a more guided manner. Things are sandboxed to an experience that is very specific and enriching for the children. When was the last time you went to the beach or a family dinner and set your child off on a photo journey? Did you learn anything from their unique perspective?

    Addressing Parental Concerns Both Digitally and In Real Life

    It’s not just about perspective when it comes to gadgets, parents are concerned. We are constantly bombarded by the media about kidnappings, dangerous online interactions and more. These situations not only strike fear in parents but also create a sense of dread when devices are passed to our kids. But, what if there was a way to alleviate your fears with a device?

    Leya Myfirst R2 1

    Devices like the myFirst Fone R2 have been built to alleviate these fears. The 4G-enabled watch allows you to know where your child is even without a smartphone. It also gives them the ability to contact you if anything were to get a little awry. Yes – it is a smartwatch with a camera on it but it does come with guard rails. These guard rails allow the experience to be unique for each child but also safe.

    Speaking of, when it comes to data privacy, parents can rest at ease with companies like myFirst. They have a robust system to ensure that data is stored privately and securely. MyFirst clarified, “When a family onboards to myFirst, the KYC is done on the parent. The parent then creates a kids sub-account for each kid. This way, myFirst only has personally identifiable information of the parents, and no personally identifiable information of the kids whatsoever.”  Of course, if it’s our data on the internet, we want it to be safe too. We’ve been assured that myFirst also takes every precaution when it comes to that.

    Striking A Balance of Safety and Fun

    There is no denying that children want to be engaged in an entertaining way. More often than not, digital experiences trump the experiences we can provide them, especially with the limited time and space we may have. So, it’s not just about making things safe and secure, it’s about striking that balance between safe and fun.

    pexels august de richelieu 4260323
    Photo by August de Richelieu on Pexels.

    In the words of G-Jay Yong, Founder of myFirst, “myFirst is built from the ground up for kids so we build in the pros, and build out the downsides, so it’s safe and suitable for kids and the family.” He emphasizes that “[myFirst devices] serve as the kids’ first tech devices so they can benefit from all the good that technology can bring to our lives like communication and being sociable, without all the bad stuff usually associated with technology.”

    This sentiment on utilizing technology for the benefit of Children is growing in today’s society. Parents are looking to stimulate their children without creating gadget addicts. This comes with a heavy responsibility of keeping an eye on interactions, apps and even websites that your children could interact with. However, devices built for children have created a safe sandbox where parents can rest at ease as their children grow, explore devices and express their curiosity.

    Editorial, Reviews

    Synology DS224+ In-Depth Review: Plug and Play NAS Systems Can’t Get Any Easier

    Leave a comment

    We’re generating more data than ever before thanks to a growing technologically savvy culture. The smartphone is one such gadget that has allowed us all to easily create content. It doesn’t matter what you’re doing for a living, having any gadget means you’re creating data. This can be in the form of home videos, pictures and even voice notes or presentations. It’s gotten to a point where our smartphones and tablets now come with a minimum of 128GB of storage and we’ve signed up for at least one cloud storage provider with at least 1TB of storage space. At the same time, we’re becoming even more aware of the need to keep our data secure. In addition, more and more cloud storage providers are charging a premium for higher tiers of storage. With all of these confounding factors, what can we do?

    Synology DS224 Review 21

    That’s where Synology’s Disk Stations come into play. The company has made a name for itself with its server solutions. Now, the company is looking at providing a turnkey solution for regular Joes and Janes like you and me when it comes to storage. These Disk Stations are versatile storage solutions that come with expandability, flexibility and security that a lot of us need when it comes to keeping our memories, work and data safe and accessible.

    We’ll be giving you a rundown and review of the Synology DS224+, one of the most basic offerings that Synology has. Is it worth investing in the system? Can you use reliably like Google Drive, OneDrive or Dropbox? These are the questions that we are looking to answer with our in-depth review of the Synology DS224+.

    What is a NAS?

    Like Julie Andrews once sang, “Let’s start at the very beginning”. The Synology DS224+ is a NAS system. Techies and Enthusiasts would be very familiar with the term. But what is a NAS? A NAS or N-A-S stands for Network Attached Storage. Essentially, it’s one or more hard disks that are attached to a network that allows multiple people to access data remotely. This means you can access your data from any device on the same local network or even the internet if you allow it. There are a lot of ways to do this, but some methods are complicated and tedious.

    The Synology DS224+ and other Synology Disk Station products make this easier with Synology’s proprietary software and platform. The Disk Stations come with at least 2 disk bays that allow you to have about 40TB of storage. The Disk Station Manager (DSM) allows you to customize how you use your NAS. It can be remote storage, a mail server and even a regular server for your website if you so desire.

    In a nutshell, a NAS is data storage attached to the internet. This allows you to use it in a variety of ways including as remote storage.

    Setting Up the Synology DS224+

    Setting up the Synology DS224+ is a pretty simple process. You have to first set up the hardware and then the software. Synology has made this very straightforward with its apps and website.

    Hardware

    Hardware is pretty simple to set up. When you buy a Synology Disk Station like the DS224+, you will get casing for the NAS and hard disks. In our case, we have the DS224+ which supports two hard disks. We were provided a bundle with two 4TB hard disks. The Synology DS224+ is a complete system. Essentially, it’s a very basic computer with a processor, RAM and storage.

    Synology DS224 Review 2

    Specs:

    CPU  Intel Celeron J4125
    64-bit, Quad Core
    2.0GHz/2.7GHz Turbo
    RAM2GB built-in
    Max 6GB (additional user-accessible slot)
    Storage2 Drive Bays (potential max 40TB memory capacity at the time of writing)
    Compatible with:
    3.5-inch SATA HDD
    2.5-inch SATA SSD
    Ports2x RJ-45 Gigabit Ethernet LAN Port
    2x USB 3.2 Gen 1
    Synology DS224 Review 7

    Assembly is straightforward. You’ll need to remove the disk caddies from within the DS224+ and place the hard disks in them. Synology provides a simple snapping mechanism which removes the need for screws and tools. All you have to do is snap on the hard disks into the caddies. If you want it to be more secure, you can use the screws provided. In our case, we didn’t do this. The DS224+ also comes with a spare slot for added RAM if you want to provide it with more RAM. We added an extra 4GB of RAM to our setup as we’d have more than 2 people accessing the system. The extra RAM would give us a little more bandwidth when it comes to downloading and uploading later on.

    Synology DS224 Review 5

    Once you’ve set up the Synology DS224+, you’ll need to get it hooked up to both power and the Internet. Hooking it up to the internet is very straightforward. In the box, Synology provides two ethernet cables which can attach to the DS224+, you need to plug these in and then plug it into two ethernet slots at the back of your home router. Generally, your router should come with 4 ports, so you should have enough. If you don’t you may need to get a simple network switch to do this. Once you hook it up to the internet, it’s time to set up the software.

    Software

    You can set up the software of the Synology DS224+ in two ways: through your web browser or the DS Finder app. Both are similar processes, but the app is a little simpler. The DS Finder App is available in the Google Play Store and Apple App Store.

    If you’re using your browser, you’ll need to access the URL https://finds.synology.com which will search your network for any Disk Station products. Using the app is as simple as opening the app and letting it do the same. Once the DS224+ is found, it will automatically set up the Disk Station Manager (DSM) software. It’s generally a step-by-step guide on both.

    image 1

    Once you’ve set up your DSM environment, you’ll need to set up your admin and user credentials. This will include setting up user groups and permissions for each group. This will allow you to share files and folders easier later on. This includes setting up private environments and folders for each user if you want to. Once this is done, your DS224+ is ready to go.

    In the DSM environment, you’ll be able to install packages that will introduce the features that you want in the DS224+.  For us, this was the Synology Drive Server package, the File Station Package, the Active Insight Package, the Advanced Media Extensions package and the Synology Application Manager package. Once these are installed, you’ll be able to access the DSM from anywhere with a phone or browser. If you’re using a browser, you’ll need to access https://quickconnect.to/ and put in the relevant credentials. Otherwise, you can use one of Synology’s many apps.

    Apps, Apps and MORE APPS? WHY SO MANY?

    Speaking of many apps, this has to be my one pet peeve with Synology’s Disk Station system. The number of apps available is just too many. There are more than 10 apps available from Synology for the Disk Station system. Although a number of them are specialized apps for specific functions of the Disk Station, I seriously think that Synology should either phase out or streamline the apps they have for the Disk Station system.

    image 2

    Throughout the setup process, you’ll be using the DS Finder App. Once you’re done with that you can simply uninstall it. You will need the Synology Secure Sign-In app to sign in with the authenticator once you set up your DS224+. If you’re using it as shared storage, you have either the DS Files app or the Synology Drive app. There’s also the DS audio, DS photos, DS Video and Synology Photos apps.

    As is pretty obvious from the list of apps, several apps have overlapping functions. It’s not only confusing for users, but it also feels unnecessary. It would make sense for Synology to merge a lot of these apps into a single app. Aside from the specialized apps like Bee Storage, a lot of the apps are repetitive. A single, unified app would help streamline and simplify the user experience of the Disk Station system immensely.

    Using the Synology DS224+ as Remote Storage

    For our review, we decided to use the Synology DS224+ primarily as shared storage. We were working off the DS224+ uploading and downloading files continuously. Primarily, we were uploading and downloading large media files for our videos and pictures for our articles on the drives.

    Synology DS224 Review 14

    The Synology DS224+ was able to handle the continuous uploading and downloading that we did. It was also very consistent when it came to upload and download speed. Of course, this also depends on the speed of the internet connection where the NAS is. Our office has a 100Mbps connection. This allowed us to upload files of about 100MB in a matter of minutes. Downloads were even faster. However, we have to note that in Malaysia we were working off 5G and 4G LTE networks at any time. On the local network, the Synology DS224+ can be mapped as a network drive making it easier to drag and drop files more seamlessly.

    We were also able to stream videos off the drive very seamlessly. The experience with the Synology Drive app on both mobile and desktop is very streamlined. The app allows you to upload and synchronize folders seamlessly with the DS224+. In fact, connections were more stable on the apps than when using the browser. I was able to upload a 400GB folder to the drive without much hassle. However, when using the browser, it kept timing out and resulting in failed uploads.

    Synology DS224 Review 9

    It’s worth noting that the Synology DS224+ can be used for more than just remote storage. The system can support running websites, mail servers and even Git repositories. Fundamentally, the Disk Stations can work as a local server for anything you need to run. As long as there is a package that supports the functionality, you’ll be able to set it up. However, regular Joes and Janes like us will mostly be using it to back up pictures, videos and even files. It would also be remiss of us if we did not highlight that you will need to replace the hard disks every so often to ensure that your Disk Station remains in working order.

    Overall, the performance of the Synology DS224+ was very stable and reliable as a shared remote drive. It also allowed us to store and streamline our work process, making it easier to get things done.

    A Beginner’s NAS Built for Simplicity & Functionality with the Potential to Do More Than Just Remote Storage

    Synology DS224+ is one of the simplest and most accessible NAS systems available currently. It’s simple to set up with a small, manageable learning curve when it comes to usage. What’s more, it’s a secure and private server that is easily accessible through mobile apps or a browser.  The DS224+ is also very versatile with the many functions it can perform. Coming in at about RM3,000 for a setup with 8TB of space, it’s also one of the more affordable options available.

    Synology DS224 Review 12

    The only drawback of the experience of the Synology DS224+ is the deluge of apps you will need to make your way through to figure out which you will be using. It also suffers a handicap compared to other subscription-based cloud storage due to the reliance on the speed of your internet. However, that isn’t a make-or-break issue considering we have broadband speeds of up to 2Gbps in Malaysia.

    Overall, the DS224+ is a powerful and affordable NAS solution for those looking for a simple and reliable way to manage their digital life.

    Business, Editorial

    Back to Normal Comes with Recruitment Woes & An Increasing Role for AI in SMEs

    Leave a comment

    Recruitment and the tech industry are things that aren’t going hand in hand at the moment. With the unprecedented growth of the tech industry during the COVID pandemic, it is experiencing a large number of layoffs as it continues to return to “normal”. However, with the contraction of large tech MNCs, comes an opportunity for Malaysian SMEs to acquire the talent they sorely need.

    Kevin Fitzgerald Employment Hero
    Source: Employment Hero

    “Amid the pandemic, many tech firms flourished as people embraced online activities. However, the return to regular work patterns led to significant layoffs due to economic strains. Currently, the tech sector is cautiously recovering, showing restrained spending on innovation despite abundant growth potential, especially driven by AI’s widespread adoption across various industries

    Kevin Fitzgerald, Managing Director of Asia at Employment Hero

    A Need to Stay Competitive and Look Beyond Local Borders Despite Higher Costs

    Employment Hero, recently highlighted in its “State of Recruitment” whitepaper, that Malaysian SMEs (Small and Medium Enterprises) are facing stiff competition when it comes to recruitment. Not only are they competing with MNCs when it comes to benefits, culture and remuneration, but they are also facing gaps when it comes to integrating technology into their recruitment processes. This is further compounded by the outlook of potential recruits who vie for positions in MNCs and conglomerates for stability and equity.

    gr stocks Iq9SaJezkOE unsplash
    Photo by GR Stocks on Unsplash

    There’s no denying that there has been a steep increase in the cost of talent over the years. However, this increase corresponds to a steeply increasing cost of living thanks to a projected economic downturn. In fact, Employment Hero’s report notes that 52% of recruiters see this as a main factor in the increasing cost. That said, should SMEs take the lead in providing or realigning their minimum wages to a more livable wage beyond the current RM1,500 requirement? That’s a question for SMEs to ponder as they continue to form an increasingly important contributor to the Malaysian economy with a contribution of over 38% in 2022, a 3.4% growth year on year from 2021. Not to mention, they account for over 60% of employment nationwide.

    SMEs can no longer sit idly by vying for the scraps of larger corporations and MNCs if they want to remain competitive. Like the Malay proverb “Bagaikan cendawan tumbuh selepas hujan” which indicates that mushrooms sprout increasingly after the rain, the Malaysian SME industry is a dime a dozen when it comes to competition. SMEs need to ensure that they are catering to a market larger than just Malaysia. They need to vie for a piece of the international pie and they can only do this if they set their sights and benchmarks at that level.

    Kevin Fitzgerald Employment Hero
    Source: Employment Hero

    “To stay ahead of their competitors, local tech SMEs can emphasise their distinctive strengths within the company, such as a supportive and positive work environment, growth opportunities and customise recruitment and retention strategies to resonate with the needs and aspirations of potential employees. Sharing their narrative and embodying values is crucial for SMEs, especially since millennial candidates actively seek employers with whom they can form genuine connections.

    Kevin Fitzgerald, Managing Director of Asia at Employment Hero

    Malaysian SMEs can also differentiate themselves with intangible benefits such as workplace culture, work environment, growth opportunities and even retention strategies. These items, which are totally in the hands of business owners and board members in SMEs allow them to offer a better, more coherent work environment that caters not only to the company’s bottom line but also to the well-being of their workforce. An increasingly weighty consideration for candidates is a remote work policy. The Malaysian government has also mandated that companies need to have a remote work policy. While this may seem to be a remnant of the COVID pandemic, it’s become an increasingly crucial consideration for workers, particularly young parents. However, it’s not the only younger ones that look for this, it’s an increasingly sought-after mode of work. What’s more, research has shown that remote work is as effective as – if not more effective than – working in person.

    headway 5QgIuuBxKwM unsplash
    Photo by Headway on Unsplash

    That said, the Malaysian government continues to invest in the tech industry. This is particularly true when it comes to 5G- and AI-related technologies at large. Drilling down, the country is also investing in segments for animation, game development and even manufacturing when it comes to tech. With these investments, SMEs can expect more talent to come their way. It falls on their plate whether they are willing to invest in long-term wins rather than short-term gains when it comes to talent.

    More Candidates Does Not Mean More Quality or Shorter Lead Times

    Even with those considerations, the Malaysian hiring landscape is not an easy one especially when it comes to SMEs. A staggering 70% of hiring leaders state takes up to a month to fill a vacant position. This is despite getting a large number of applicants. In fact, the larger the number, the longer it took recruiters to fill a position. What’s more, things get a little more complex when it comes to retaining new talent. About 43% of hiring managers report that less than 5% of new recruits actually last beyond their probationary period.

    mimi thian lp1AKIUV3yo unsplash
    Photo by Mimi Thian on Unsplash

    According to Employment Hero, this could be a mismatch between the candidates and the job role or expectations. To minimize the mismatch, Employment Hero recommends that a job description (JD) should be as detailed as possible. JDs should provide enough insight into the role. Companies should provide a deep dive into the skills required and indicate where this role fits into the larger corporation. It should be a launching pad for the candidate for the rest of the recruitment process.

    Kevin Fitzgerald Employment Hero
    Source: Employment Hero

    “As more hiring leaders implement AI in their hiring processes, they are likely to see a wider talent pool, better candidate matching and reduced bias. Importantly, we expect it to greatly reduce the entire recruitment lifecycle tremendously. So where something previously took hiring managers 41 days, it is now likely to be done in a much more accelerated time frame.”

    Kevin Fitzgerald, Managing Director of Asia at Employment Hero

    This level of detail helps leaders filter candidates better. In fact, the whitepaper indicates that over-hiring leaders who interviewed a smaller number of candidates saw better retention of their candidates. The number was as high as 63% of hiring leaders reporting this. In essence, companies need to look at vetting their applications from the get-go with a detailed JD followed by a precise, targeted approach to vetting job applications with a truncated timeline.

    Using AI to Improve Hiring Outcomes

    Of course, with technology seeping into nearly every crevice of work, it comes as no surprise that it is leaving its mark on recruitment as well. The integration of technologies like AI will undoubtedly help bolster the quality of candidates as well as the rate of retention of new talent.

    However, it’s also posing a hurdle as SMEs continue to wrestle with investing both monetarily and when it comes to skills. Unfortunately, when it comes to skills, SMEs are eventually going to have to choose between upskilling the talent they have or investing copiously in third-party recruiters who have the know-how. That said, it’s again a choice between short-term gains versus long-term gains. It falls to SMEs where their appetite for investment is and how they see their organization benefiting.

    There is, however, another option – leveraging AI technology. AI is simplifying the search for talent in many ways. In fact, Employment Hero has noted that 99% in Malaysia are already using some form of AI in their recruitment practices. AI is being leveraged to improve decision-making and detect anomalies in applications. It can also be used to gauge the candidate’s suitability for the company.

    With AI integrations, recruitment timelines are being shortened while increasing the quality of candidates. It’s even making changes to how companies onboard new candidates. It can even be used for background checks.

    A Balancing Act between Recruitment, Growth and Investment

    As much as the climate for recruitment is improving, it is increasingly becoming a balancing act for SMEs. SMEs need to determine where their priorities are; be it in recruiting high-caliber talent, upskilling and retaining current talent or even investing in technology to improve the overall recruiting process. The bottom line lies with the priorities of SMEs themselves.

    Editorial, iOS, Mobile

    iPhone 15 Rumour Round-Up – What We Expect to be C-ing

    Leave a comment

    It’s that time of the year again… Apple is about to unveil its new iPhone lineup. The event is mere hours away! But, before we sit through another keynote, let’s take a quick rundown of the rumours that have surfaced about the iPhone 15 and its siblings.

    Firstly, let’s talk about the name of the upcoming iPhone. Rumours indicated that Apple was poised to drop the Pro Max name in the iPhone 15 lineup in favour of the “Ultra” nomenclature. However, it seems like that won’t be the case as Bloomberg’s Mark Gurmen has indicated otherwise. We’ll just have to wait and see which one is true at this point.

    0x0 jpg
    Apple iPhone 15 Pro Max render based on multiple design leaks (Source: @graphicalryan, MacRumors)

    The biggest change we expect to see on the iPhone 15 is the replacement of the Lightning port in favour of the USB-C port. The change comes as a result of legislature in the EU which requires manufacturers to adopt USB-C as a common charging port for the benefit of the consumers. The legislature was passed in 2022 and gave manufacturers until the end of 2024 to comply. According to analyst Ming-Chi Kuo, it’s expected that Apple will include higher-speed USB-C ports in higher-end iPhone 15 models. According to Kuo, it’s expected that the iPhone 15 Pro and Pro Max will support USB 3.2 and/or Thunderbolt 3 while the iPhone 15 will support USB 2.0. It’s also rumoured that the new iPhones will support 35W charging although, this may only be possible with Apple-made adapters.

    Another big change we expect to see in the iPhone 15 series is a change in the camera technology. The iPhone 15 has been rumoured to be the first iPhone to feature a stacked CMOS sensor. The change in sensor technology is expected to result in a wider dynamic range and better low-light performance. The stacked CMOS sensors are expected to rely less on the image processor of the phone itself when taking low-light pictures.

    titan gray 9to5mac webp
    Source: 9to5 Mac

    While we’re on the cameras, the iPhone 15 is tipped to have a periscope lens in its camera setup. The periscope lens is expected to be included in the Pro Max model with a significant bump in camera hump size. It’s expected that the periscope lens will bring either 5x or 6x optical zoom to the camera while hybrid zoom may go well beyond that. Reports also suggest that the sensor will be a 1/2.9″ sensor with a large f/2.8 aperture. The complete setup of the cameras on the iPhone will feature a 48-megapixel main camera and a 12-megapixel ultrawide camera on the 15 and 15 plus. The Pro and Pro Max on the other hand will have an additional 12-megapixel telephoto sensor with either 3x or 6x optical zoom.

    The iPhone 15 lineup is expected to be more diverse when it comes to the display as well. The vanilla iPhone 15 and the 15 Plus are expected to have a display with only a 60Hz refresh rate while the Pro and Pro Max are rumoured to have a display with a 1-120Hz refresh rate. It’s expected that the screen size of the iPhone 15 series will be unchanged from the iPhone 14. The 15 and 15 Pro will stick to the 6.1-inch size while the Plus and Pro Max will sport a 6.7-inch display.

    Apparently, Apple will be using two different systems on a chip for the iPhone 15 lineup. The 15 and 15 Plus are expected to ship with the A16 Bionic which is used in the 14 Pro and Pro Max. On the other hand, the 15 Pro and Pro Max will be shipping with the upgraded A17 Bionic. The A17 Bionic is rumoured to be developed using TSMC’s 3nm technology which promises better performance for lower power.

    The iPhone 15 line has also been rumoured to do away with the physical buttons with haptic buttons. However, while rumours point to these plans having been scrapped before the new iPhone entered mass production, a post on X from accessory maker Spigen teased “something’s different” with a picture of the power button and volume rocker only this morning.

    Apple is rumoured to be making the new iPhone series with a new, higher-grade titanium which is lighter than the iPhone 14. However, with more premium materials comes a very painful spike in the price especially when it comes to the Pro Max model. It’s rumoured that the price of the iPhone 15 series itself will start at USD$799.99. That would be the base model iPhone 15 with 128GB of memory, the 15 Plus is rumoured to be a USD$100 premium over the 15 at USD$899.99 for the same configuration. The 15 Pro’s base model will apparently set you back USD$999.99 with 256GB of storage while the 15 Pro Max will start at USD$1,199.99 for the 256GB version. That said, another rumour points to the prices being USD$100 more expensive with base storage starting at 256GB across the board.

    Well, that’s about it when it comes to rumours. You’ll have to stay tuned to techENT for the details tonight when we finally get the official details on the new iPhone 15 lineup. If you want to tune in to Apple’s keynote, just head over to Apple.com or tune in to the official YouTube Channel at 1 AM, Malaysian time or 10 AM Pacific time.

    Apple Event - September 12
    Business, Editorial

    Recognizing Third-Party Risks & Addressing the Gaps with Identity-Based Security

    Leave a comment

    Enterprises and businesses are well into their digitization journey. Many have adopted digital strategies and tools that align with their businesses and goals. However, in their swiftness to adopt software and tools that enable them to be agile, many may have overlooked one of the most crucial aspects of their data security – third-party access and control. The issue arises as a result of the adoption of multiple diverse tools and technologies needed for digitization, the acquisition of contract talent, consultants and third-party support. This rings true even for Financial Service Institutions (FSIs). In a recent report, Gartner stated that 59% of organizations experienced a data breach due to third parties and only 16% of them say they are equipped to manage these risks.

    Boey’s Headshot 1x1

    “Today, organizations can manage up to thousands of identities which means more access points that may present significant risks. In order to mitigate the risks of breach and protect digital identities, data and resources, enterprises need a comprehensive identity security solution for complete visibility into all user types and their related access, including all entitlements, roles, and attributes, to ensure employees receive the right access to the right resources to do their job.”

    Chern-Yue Boey, Senior Vice President, Asia-Pacific, SailPoint

    While it can seem like a daunting task for IT departments and CIOs to get a handle on the issue, the truth is that it’s a simple task of managing access on a “just-in-time” and/or “as-needed” basis. With an increasing number of such instances, it becomes a conundrum of how to dynamically manage these permissions. One emerging approach is to manage these permissions or instances as “identities”. Using this approach, it’s a matter of mapping these identities and the data they have access to. Essentially, a holistic view of who (identities) can access what data (what), is needed. While it can be a little complicated to administer this on a dynamic level, companies like SailPoint provide turn-key solutions fortified with artificial intelligence (AI) that allow just that.

    An Increasing Concern for Financial Service Industries (FSIs)

    As banks and other FSIs start embracing digitization and move towards becoming digital services, we’ve seen an increasing emphasis on data security and privacy particularly when it comes to user data. However, like many other enterprises, the digital infrastructure and tools that they have in place may pose a risk when it comes to data security. What’s more, when it comes to FSIs, the consequences of poor security can result in millions of dollars of loss for both the client and the institution itself.

    hands holding a smartphone with data on screen
    Photo by Tima Miroshnichenko on Pexels.com

    In Malaysia alone, we’ve seen an increasing number of scams and data breaches in the past 5 years. This seems to have skyrocketed during the pandemic and is not showing any signs of slowing down. In fact, in the past year alone, we’ve had breaches of large service providers like Telekom Malaysia and Maxis. More worryingly, we’ve had breaches of FSIs like Maybank and iPay88. Of course, under the watchful eye of regulators, these issues are constantly being investigated and fines are dolled out for mismanagement.

    Boey’s Headshot 1x1

    “The reality is a large majority of cyber security breaches today occur as a result of non-employee identities. According to a research by Ponemon, 59% of respondents confirm that their organizations have experienced a data breach caused by one of their third parties and 54% of these respondents say it was as recent as the past 12 months”

    Chern-Yue Boey, Senior Vice President, Asia-Pacific, SailPoint

    That said, it’s important that these institutions move from a reactive approach to a more preventative and proactive one. This change has to happen with both policy and adoption of security technologies which give CIOs and data security experts a clear view of who is accessing what data and why.

    Creating A Data Secure Environment for Business

    FSIs like Maybank and iPay88 may point to their apps with features like SecureKey and their implementation of one-time pins (OTPs) as potent security measures. However, as Chern-Yue Boey, Senior Vice President at SailPoint puts it, “Authentication is like giving someone the keys to your front door, but identity security is where you can control whether this person can have access to your rooms and other aspects in your home.”

    What’s needed is a system that can cross-check and verify if access to the information is allowed. Mr. Boey weighs in on this, “A complete identity security strategy involves understanding, controlling, and managing user identities and access to all resources holistically, in line with authentication methods. This means building an identity security foundation to enable authentication and comprehensive identity governance.”.

    close up view of system hacking
    Photo by Tima Miroshnichenko on Pexels.com

    Identity governance will entail creating unique profiles to manage access to data. This also entails structuring data so that it can be accessed on an “as-needed” basis. While many systems for cybersecurity do include options for Zero Trust environments, the implementation of identity management ups the ante and creates an environment where small silos of data can be made available to external users and contractors. This will enable access to data on a restricted basis and allow CIOs and IT Departments to manage data based on job function, role and levels of access.

    Mitigating Risk with Identity-based Security

    This is where Identity Security can play a huge role for FSIs and even other corporations. The creation of these identities limits the potential exposure even if a breach occurs. That said, in order to mitigate the risk, it falls to the C-suite executives – particularly the CIO or CSO – to understand which job functions should have access to what data. Only with this understanding can they deploy solutions like SailPoint effectively.

    Having this understanding – which can be fostered at every level of management – will help mitigate risks associated with third-party workforces. In fact, it helps with a key risk: unauthorized access to sensitive data. As access becomes limited, so too do the entry points for bad actors.

    person paying using her smartwatch
    Photo by Ivan Samkov on Pexels.com

    That said, understanding is only one part of the equation, FSIs and other organizations will need better oversight over the identities in their system and the data being accessed across the entire distributed IT ecosystem. This includes the ability to grant or restrict access as necessary. Doing this will create a perimeter of security when it comes to pertinent, sensitive data.

    Maximizing Security with Informed Access

    This transparency and oversight will allow for better-informed decisions as CSOs and CIOs have access to a central repository of all users – third-party or otherwise – and their relationship to the organization. This includes their job functions and the data they have access to. It helps with managing risk when it comes to third-party access. IT Departments are able to assign risk ratings to individual third-party users based on who they work for, location, access level and other parameters as set by the organization.

    It also allows them to better manage the onboarding and offboarding of employees and non-employees as they enter and exit the organization. Essentially, the visibility, relationship data and governance will necessarily give rise to a lifecycle for each identity in the organization. While it may seem like a simple matter of managing the current access of users to the data, it goes further than that with identity management. It gives granular control and visibility to a CIO, CSO and IT Departments allowing them to react effectively and in a timely fashion. It also allows them to automate compliance audits with minimal manual intervention.

    A Necessary Measure for Dynamism and Agility

    As much as it may seem like an added layer of complications and headaches for IT departments, the shift from managing data based on access vs. through identities is the difference between being reactive and proactive. Managing data access with Identity security is a necessary measure for FSIs and organizations to remain agile in operations as well as respond dynamically to a landscape of uncertainties.

    Editorial, Lifestyle

    3 Shows You Should Be Watching This September

    Leave a comment

    August has come and gone… and with the strikes happening in the U.S., it can seem like there’s not many things that you can add to your watchlist – whether it’s offline or on one of the growing number of streaming platforms. But, don’t be down in the dumps, we’ve got a rundown of a few shows that should be on your watchlist, if they aren’t already.

    3 Shows Sept

    1. Wheel Of Time (Amazon Prime Video)

    If you missed the first season, what have you doing with yourself!? This is arguably one of the best epic high fantasy series on streaming right now. The series is based on a series of 15 books called “The Wheel of Time” and follows a group of young people, an Aes Sedai and her warder as they try to stave off the Dark One.

    WOFT S2 UT THIJAN 00136 1 700 jpg
    Source: Amazon Prime Video

    Season 2 picks off where Season 1 left off with our main characters scattered to the winds as the end of the world quickly approaches. After the events that happened in Fal Dara, we see Nynaeve and Egwene learning the ways of the Aes Sedai while maneuvering the politics that have seeped into the White Tower. Meanwhile, Moirraine and Lan are in a remote hillside as she learns to navigate the realities of being sealed off from the Source. Her inner turmoil straining the bond between her and Lan. Perrin continues the search for Padan Fain as he seeks revenge for the death Fain has wrought.

    While all of this is happening, we are left with the threads from season 1’s finale as new, unknown forces have begun to invade from the ocean. Don’t forget, the Dark One is still out there.

    The Wheel of Time Season 2 - Official Trailer | Prime Video

    Season 2 kicks off on September 1, 2023 with 3 episodes being released simultaneously on Amazon Prime Video. The season will consist of 8 episodes in total. The series stars Josha Stradowski, Rosamund Pike, Daniel Henney, Zoë Robins, Madeleine Madden, Marcus Rutherford, Dónal Finn as Mat Cauthon, and Ceara Coveney.

    2. One Piece Live Action (Netflix)

    Based on the popular manga and anime series, One Piece brings the adventures of Luffy and band of misfit pirates into live action. The series follows Monkey D Luffy as he quests to find the “One Piece” to become king of the pirates. Luffy’s journey begins in the East Blue Sea, driven by a quest to uncover the legendary “One Piece,” the ultimate treasure left behind by the late King of the Pirates, Gol D. Roger. His ambition is to claim the title of Pirate King for himself. To achieve this, Luffy seeks to build his own crew, known as the Straw Hat Pirates. Along the way, they are joined by a diverse group of individuals, each with their own unique talents and quirks.

    ONEPIECE 108 Unit 00389R2C
    (Source: Netflix) One Piece. (L to R) Jacob Romero Gibson as Usopp, Mackenyu Arata as Roronoa Zoro, Emily Rudd as Nami, Iñaki Godoy as Monkey D. Luffy, Taz Skylar as Sanji in episode 108 of One Piece. Cr. Casey Crafford/Netflix © 2023

    Their journey is anything but ordinary as they cross paths with fellow pirates, bounty hunters, criminal organizations, and revolutionaries. They also face off against enigmatic scientists, soldiers of the morally ambiguous World Government, and a host of both allies and adversaries. As they navigate the vast seas, they inch closer to realizing their dreams and ambitions.

    ONE PIECE | Final Trailer | Netflix

    “One Piece” is a tale of adventure, friendship, and the pursuit of one’s destiny, offering a rich and immersive world that continues to captivate audiences around the globe. But then again… you already knew this… right

    The series stars Iñaki Godoy, Mackenyu, Emily Rudd, Jacob Romero and Taz Skylar.

    3. Ahsoka (Disney+ Hotstar)

    Star Wars fans will undoubtedly already be devouring this series. The new series in the Star Wars franchise follows one of the most popular characters to come from its animated Clone Wars series – Ahsoka Tano, Anakin Skywalker’s Padawan.

    474f926e650463ed1c40ab1682889de2 4096x2725 60118200.jpeg
    Source: Disney+ Hotstar

    Having forsaken the Jedi order after the events of the Clone Wars and slowly become a figurehead in Rebel movement, Ahsoka finds herself looking into an emerging threat after the fall of the Empire.

    Ahsoka | Official Trailer | Disney+

    The series premiered back in August and stars Rosario Dawson as the titular character.

    Business, Editorial

    Meta Empowers Businesses to Leverage AI & Insights for Business Messaging

    Leave a comment

    There’s no denying that businesses that fail to engage with their customers are doomed to stagnate and eventually die. As a matter of fact, Meta reports that over 1B people are regularly engaging with businesses on Meta platforms. This number isn’t industry specific either, it covers over 55% of every industry.

    Meta Business Messaging 2
    Source: Meta Malaysia

    Meta continues to innovate on its platforms to allow businesses to leverage them to drive business objectives. Platforms like WhatsApp, Instagram and Facebook continue to be some of the most valuable touchpoints for businesses as it brings a mix of familiarity and proximity to both sides. It also allows businesses to leverage these aspects to build a persona and personality to better relate to its target audience. Recognising these factors, Meta has continually been innovating to allow businesses to leverage its platforms and the latest in technologies that complement them.

    Leveraging AI to Ensure Platform Safety and Innovate to Empower Businesses

    The latest to join the suite of tools is Artificial Intelligence. That’s not to say that Meta hasn’t used AI before. In fact, Facebook integrated AI into its timeline back in 2006. However, with the surge in interest when it comes to Generative AI, it is quickly becoming more apparent that we are indeed in AI 2.0.

    Meta Business Messaging 1
    Source: Meta Malaysia

    Using the new advances in AI technology, Meta has quickly adapted to address newer trends and incorporate these advances to drive better results with less data. This also comes in the wake of a growing number of regions and countries clamping down on data privacy and security. The incorporation of Machine Learning algorithms and newer AI 2.0 advancements have led to 82% of hate speech being removed through automated means on platforms like Instagram and Facebook.

    Meta is also implementing new algorithms that are created to use less data to deliver comparable or better results for businesses. To date, these algorithms have delivered a 20% increase in conversions for businesses leveraging them. With these algorithm’s working in the background, it falls to businesses to leverage them to drive business outcomes.

    Business Messaging & Continuing the Customer Journey on Meta Platforms

    As AI continues to become a deeply integrated factor for business continuity, we have to know and use the tools – paid or otherwise – that will not only allow for better outcomes but also help create a better customer experience.

    Meta Business Messaging 3
    Source: Meta Malaysia

    Meta’s Business Suite and Ads Manager are continually being updated with tools that integrate AI technology to drive better business outcomes. One such tool is Meta’s Creative+ option which appears when you post content to your page. This feature allows you to test up to 4 different creatives to determine which delivers the best results.

    Using features like this, businesses are able to extend their reach while keeping costs down. It also allows businesses to leverage the familiarity of the platforms to drive customer loyalty through business messaging. This comes in addition to AI-assisted product discovery with more broadly, AI-determined audiences for better conversions. AI-assisted determination also can help leverage behavioural data to optimise touchpoints based on customer behaviour.

    This data can also be used to create chatbots that allow businesses to interact with customers more effectively. These chatbots can be built to suit the unique needs of businesses while still allowing for the flexibility for humans to jump in at any time.

    One of the most important things to pay attention to is the trends that are emerging and continually shifting. These trends play a significant role in determining the combination of tools that will fit business needs. More importantly, it will also help determine the best approach for success on Meta’s platforms.

    Firefly A friendly futuristic humanoid robot interacting with a floating digital interface with bu1

    Meta shared a study on McDonald’s Malaysia leveraged the fact that there is an increasing number of users spending more time-consuming video content on Facebook and Instagram to be the driving force behind their recruitment campaign. Using reels available on Facebook and Instagram, the company was able to communicate the experience of being an employee at a McDonald’s outlet. Of course, the reels produced naturally embellished the experience with some fictional elements to generate interest and convey the business’s policies. This cornerstone content allowed McDonald’s to communicate directly to their target audience – Gen Z.

    This falls in line with Meta’s own data which shows that more than 50% of time spent on Facebook and Instagram is spent consuming video content. This includes long-form videos, reels and even stories. In fact, reels may be the best touch point with over 200 Billion plays per day.

    Meta’s Just Getting Started with AI 2.0 and Businesses Need to Start Leveraging It Now

    It’s only the tip of the iceberg of how AI 2.0 will be impacting our world when it comes to creating consumer journeys, continuing Business Messaging and even creating content. Meta has already announced AI efforts like LLaMA which will no doubt factor into new tools that will come to its platforms in the future.

    This will also entail businesses needing to deal with scams head-on hand in hand with regulators and companies like Meta. Meta is already working on identity verifications which will be more widely available to users as the year progresses. However, the company has yet to announce the same verification measures for businesses but we have it on good authority that it will be coming soon.