Reduce costs and eliminate complexity, boosting efficiency, growth, and future success.

November 2022 | Issue 5

01

HELP – My IT system needs to see a doctor!

Just like a car needs to undergo an MOT to ensure everything is running efficiently, IT System Health Checks are essential if you want to ensure your IT processes and systems are working to their full potential.

02

E-Invoicing - a new global standard

E-Invoicing has rapidly become the norm in many of the world’s major countries, from Asia to Africa and the Americas with most countries in the European Union mandating E-Invoicing for either B2G or B2B supplies.

03

Zero Trust Security – Are you fully protected?

Zero Trust security is a trending cybersecurity buzzword in the world right now with organisations scrambling to proactively secure their organisations. With EU legislators unifying data protection policies and laws throughout the EEU and enforcing GDPR regulations with heavy penalties, it is not a concern to be taken lightly.

04

3 steps to help protect your B2B transactions and file exchanges from security threats

Ransomware and cybercrime have grown to crisis-level proportions, with cybercriminals using more robust attack methods every year. The only solution is to improve defensive technologies and bolster IT hygiene.

HELP – My IT system needs to see a doctor!

Just like a car needs to undergo an MOT to ensure everything is running efficiently, IT System Health Checks are essential if you want to ensure your IT processes and systems are working to their full potential. You may have deployed a system that was configured to your companies’ specific needs, but it is important to remember that every IT infrastructure is subject to degradation over time. You may not even realise that there are improvements available to you, or that you are not effectively mitigating potential risks that could harm you operationally and financially.

“In our 20-year history, we have designed and developed a number of services and solutions that make our customer’s lives easier and more profitable”

An IT System Health Check can help your organisation’s network to operate more efficiently, by identifying inconsistencies and irregularities in your IT processes that are hindering stability and infrastructure performance.

There are a number of reasons why your IT system may not be working optimally, from the overutilization of resources, to out of specification hardware. The two most likely culprits, however, are usually outages caused by the over application of manual intervention and data breaches.

OUTAGES – Reduce the amount of manual intervention, don’t increase it.

In the last decade, there has been a huge shift from building applications in a monolithic architecture on a server to today’s microservices that are packaged in containers and hosted in a cloud environment. Developers are under pressure with the increase in complexity. According to Ars Technica, there are 100 times more code being managed in the 2020s compared to 2010s which unfortunately elicits 100 to 150 errors for every thousand lines of code written. Lehman’s laws of software predicted this inevitability, where the quality of our software systems would decrease, despite massive improvements, because of our inability to rigorously maintain and adapt. It stands to reason if you consider how many hacks, shortcuts, and workarounds are applied over a computer’s life. The main issue is not only the “quick fixes” we apply to avoid outages, but that we rarely revisit these band aid solutions to find the underlying causes and apply a long-term solution. Inevitably, these “quick fixes” cause issues in other areas of the computer’s performance, which slows our systems down even further. This leads to more unplanned outages that are costly to our business, customers, and suppliers.

Automating your IT processes makes your data more accurate, transparent, and accessible, removing the potential for errors, delays, and unexpected costs. 

Data breaches can destroy your company!

IBM recently carried out their 17th Cost of Data Breaches report where 550 organisations were studied for the impact that data breaches have on their organisations. They discovered that 83% of organisations surveyed had more than one data breach in the last year, of which 60% led to increases in prices, which were passed onto customers. In almost all the cases studied, the proper application of basic security fundamentals could have prevented these breaches, such as the updating of software on a regular basis to ensure strong ciphers are applied, and password authentication methodologies are strengthened.

Companies can save millions incurred from data breaches, just by automating their cybersecurity posture to prepare for these attacks with software-based monitoring, detection, and containment.

An IT Systems Health Check can help discover opportunities to increase computing efficiencies and reduce costs. These are conducted by experts in the particular systems that the customer is concerned about. Coliance conducts many IT System Health Checks on IBM Secure File Transfer, EDI, and Application Integration systems such as IBM Sterling B2Bi, SFG, Connect: Direct or IBM App Connect Enterprise. We use our expertise to perform analysis and conduct an audit in the following key areas:

Coliance’s highly experienced team will provide a consolidated report that includes a set of recommendations and follow-up activities with innovative solutions to counteract your vulnerabilities.

The benefits of undergoing an IT Systems Health Check cannot be denied. Coliance recently assisted a large US manufacturer who was experiencing regular outages that impacted their reputation and resulted in a loss of revenue. Despite having a robust in-house IT team, they could not identify the root cause of their outages. Coliance’s IT Systems Health Check revealed an issue with high memory utilization, along with several contributing bad practices:

– Incorrect database configuration.
– Bad queue management.
– Incorrect persistency levels.
– Poor business process design.

By making a few environmental and code changes, Coliance was able to stabilise their system, reducing outages from four per month to zero in the period of observance. The company’s reputation for reliability was restored and their revenue growth re-established.

With technology continually evolving and legacy systems being affected with new vulnerabilities, it is important for every organisation to review their existing IT solutions and undertake an IT Systems Health Check. Coliance can help you re-assess your baseline, remediate any potential risks, and keep your IT systems healthy. If you are interested in improving your operational efficiency and rolling out defensive and proactive IT security measures, then consider using Coliance’s experience to implement a thorough Health-check, call us today, it could save your reputation.

02

E-Invoicing – a new global standard

E-Invoicing has rapidly become the norm in many of the world’s major countries, from Asia to Africa and the Americas with most countries in the European Union mandating E-Invoicing for either B2G or B2B supplies.


The number of countries who have only mandated B2G transactions via E-Invoicing will likely add the same requirements for the B2B sector in the next few years.

 

Whilst the move to E-Invoicing is motivated by the global digitization of tax, estimates show that there is a 50-80% reduction in costs when invoice processing is electronic. This is why current research shows that the global E-Invoicing market currently worth $8.74 billion is expected to reach $29.68 billion by 2027. It’s not just about financial viability however, Italy – home to one of the most advanced E-Invoicing systems in the world – has proved that E-Invoicing not only reduces tax evasion but drives higher levels of efficiency, providing a better customer service experience.



In the UK, the policies behind E-Invoicing are similar to the principals being established by the European directives.


The use of E-Invoices for B2B transactions is currently optional in the UK, with suppliers needing their customer’s agreement and acceptance to receive-E-Invoices. With B2G invoicing, the UK requires government departments to receive E-Invoices from their suppliers using PEPPOL as the acceptable standard. The exception to this voluntary E-Invoicing mandate, however, is the NHS, who made an announcement last November of their intent to reach net zero by 2045. They successfully moved their processes in entirety to E-Invoicing early in 2022. All invoices are now required to be submitted to the NHS Shared Business Services (NHS SBS) electronically via the NHS’s Tradeshift E-Invoicing platform. The platform uses Electronic Data Integration (EDI) functionality that enables suppliers to integrate with their existing ERP or invoicing systems. They list advantages for the move as cost reducing, faster processing and daily progress updates.



With the world moving towards mandating E-Invoicing, it’s important to invest in solutions that will ensure seamless automation of your B2B processes, especially if you are still carrying out manual invoice processing.


 

With governments leading the way and most organizations striving to become fast and agile in their trading processes, we are at the juncture where not implementing an effective E-Invoicing solution could be detrimental to your longevity.


So where do you start?


If you are new to the idea of E-Invoicing, it’s important to understand the difference between the digitization of a paper invoice versus an E-Invoice. Making a PDF copy of a paper invoice for submission is not the same as E-Invoicing. Digital images, PDF and other visual digital forms of

invoices still require manual viewing and capturing into the buyer’s Finance or Enterprise Resource Planning system.



Electronic invoicing is the exchange of an electronic invoice document between a supplier and a buyer where the invoice (E-Invoice) is issued, transmitted, and received in a structured data format that allows for its automatic and electronic processing.


 For an E-invoice, the visual format is secondary to the objective of automation, where viewing the invoice in a human-readable version is not considered part of the invoice itself.

E-Invoices are not:

E-Invoices are:

If you are wondering how you can go about installing the best B2B invoicing software for your business, it’s important to reach out to an organization that specializes in this application. Implementing a new E-Invoicing system, which includes specific standards and registering documents for government platforms, is not a simple task, especially if your company operates globally with many foreign suppliers.


Coliance are experts at establishing the functionalities and integrations that you need, carefully aligning them with your budget and ensuring scalability. With years of experience managing our client’s supply chain needs, we are well equipped to outline the best options for introducing E-Invoicing in your organisation.


 Adopting Electronic invoicing can streamline your workflow, increase productivity, improve your customers experience and save you money. Coliance via its Agora Managed Service provides ways to handle E-Invoicing and other electronic documentation via EDI or Application Programming Interfaces (APIs). We can assist you without disruption to reduce your costs per invoice, minimize errors and free up your resources and time. Most of all, we will ensure you are prepared for what appears to be a future mandated requirement.

03

Zero Trust Security – Are you fully protected?

Organisations trying to protect their supply chain from ransomware attacks face a considerable enemy as they essentially protect not only themselves, but thousands of other networks. Threat actors know that targeting our supply chains means a threat to an entire ecosystem, impacting more than just the initial business targeted. The resulting impact of an attack on a supply chain has a ripple effect, with ships getting stuck in ports, shelves emptying in the grocery store or worse, medicinal supplies depleting.

 

As sophisticated as we are with our large spheres of interconnections in our digitized supply chain business models, so too are ransomware attacks over the last couple of years:

Part of this drive for digital transformation includes maintaining visibility with interfaces, to ensure their proper function. With the growing complexity of today’s modern application estates, organisations embarking on complex digital transformation initiatives must have a strong integration strategy for their transformation to be successful. We already know that APIs are key to a digital transformation because of the sheer number and complexity of applications that most medium size organisations require. Establishing a modern IT architecture that is agile and collaborative is key but ensuring that you do not sacrifice control is even more imperative.

1. 

Kaseya, an IT solutions developer for MSP’s and enterprise clients, was the victim of a cyberattack last year. As a provider of technology to MSPs, which in turn serve other companies, Kaseya is the centre of a wide software supply chain. Leveraging a vulnerability in their VSA software, the event affected between 800-1500 small to medium-sized enterprises, leaving the affected companies unable to conduct business for weeks. Clients were urged to shut down their infiltrated VSA servers, with Kaseya shutting down their VSA SaaS infrastructure. The ransomware was pushed via a fake and malicious software update leaving 800 Co-op supermarket chain stores in Sweden, among other organisations, temporarily closed, unable to open their cash registers.

2.

The SolarWinds attack was even more successful, enabling hackers to infiltrate 18,000 organisations, including dozens of US Government agencies. SolarWinds are a software company that deals with system management tools and has over 300,000 customers, including the Department of Defence and 425 of the Fortune 500. The malware was deployed as an update from SolarWinds own servers, making it difficult to investigate and solve and is known as one of the largest and most sophisticated operations ever seen.

3.

The emergence of many new ransomware-as-a-service (Raas) gangs in 2022 is equally staggering, such as Mindware, Onyx, Black Basta and the return of REvil. The five biggest attacks this year were on Nvidia, the Costa Rica Government – who declared a national emergency in response to the attack. Bernalillo County in New Mexico, SpiceJet and Toyota who experienced a 5% dip in their production capability.

The B2B landscape is a literal breeding ground for hackers. Organisations need to be aware of these threats and source the best security measures to revitalize their cybersecurity infrastructure.

IBM has released a helpful Supply chain guideline offering 3 steps to help protect your B2B transactions and file exchanges from security threats that can decrease your risk exposure, limit damage and build resiliency into your systems to recover quickly. The article covers how to limit your exposure, control the spread in the event of an attack and how to recover.



As noted, there is no magic bullet to guarantee 100% protection from security incidents, but there certainly are ways to minimize risk, limit damage and build resiliency. If you feel your business is at risk, or have concerns about your future security, then contact Coliance. We offer multi-layered solutions to circumvent multi-layered attacks and can guide you to find the best way to Protect, Detect and Recover against ransomware attacks.

04

3 steps to help protect your B2B transactions and file exchanges from security threats

Organisations trying to protect their supply chain from ransomware attacks face a considerable enemy as they essentially protect not only themselves, but thousands of other networks. Threat actors know that targeting our supply chains means a threat to an entire ecosystem, impacting more than just the initial business targeted. The resulting impact of an attack on a supply chain has a ripple effect, with ships getting stuck in ports, shelves emptying in the grocery store or worse, medicinal supplies depleting.

As sophisticated as we are with our large spheres of interconnections in our digitized supply chain business models, so too are ransomware attacks over the last couple of years:

Part of this drive for digital transformation includes maintaining visibility with interfaces, to ensure their proper function. With the growing complexity of today’s modern application estates, organisations embarking on complex digital transformation initiatives must have a strong integration strategy for their transformation to be successful. We already know that APIs are key to a digital transformation because of the sheer number and complexity of applications that most medium size organisations require. Establishing a modern IT architecture that is agile and collaborative is key but ensuring that you do not sacrifice control is even more imperative.

Kaseya, an IT solutions developer for MSP’s and enterprise clients, was the victim of a cyberattack last year. As a provider of technology to MSPs, which in turn serve other companies, Kaseya is the centre of a wide software supply chain. Leveraging a vulnerability in their VSA software, the event affected between 800-1500 small to medium-sized enterprises, leaving the affected companies unable to conduct business for weeks. Clients were urged to shut down their infiltrated VSA servers, with Kaseya shutting down their VSA SaaS infrastructure. The ransomware was pushed via a fake and malicious software update leaving 800 Co-op supermarket chain stores in Sweden, among other organisations, temporarily closed, unable to open their cash registers.

The SolarWinds attack was even more successful, enabling hackers to infiltrate 18,000 organisations, including dozens of US Government agencies. SolarWinds are a software company that deals with system management tools and has over 300,000 customers, including the Department of Defence and 425 of the Fortune 500. The malware was deployed as an update from SolarWinds own servers, making it difficult to investigate and solve and is known as one of the largest and most sophisticated operations ever seen.

The emergence of many new ransomware-as-a-service (Raas) gangs in 2022 is equally staggering, such as Mindware, Onyx, Black Basta and the return of REvil. The five biggest attacks this year were on Nvidia, the Costa Rica Government – who declared a national emergency in response to the attack. Bernalillo County in New Mexico, SpiceJet and Toyota who experienced a 5% dip in their production capability.

The B2B landscape is a literal breeding ground for hackers. Organisations need to be aware of these threats and source the best security measures to revitalize their cybersecurity infrastructure.

IBM has released a helpful Supply chain guideline offering 3 steps to help protect your B2B transactions and file exchanges from security threats that can decrease your risk exposure, limit damage and build resiliency into your systems to recover quickly. The article covers how to limit your exposure, control the spread in the event of an attack and how to recover.

As noted, there is no magic bullet to guarantee 100% protection from security incidents, but there certainly are ways to minimize risk, limit damage and build resiliency. If you feel your business is at risk, or have concerns about your future security, then contact Coliance. We offer multi-layered solutions to circumvent multi-layered attacks and can guide you to find the best way to Protect, Detect and Recover against ransomware attacks.

Let's get started

drop us a line and keep in touch

Your Feedback Could Shape Future Products

As Gold partners of IBM for over 20 years, we have a direct line to the IBM Product Management Team. Share your feedback or Enhancement Request and we’ll relay it to IBM on your behalf.