Phone porting clampdown wins thumbs up – but is it enough?

Proposed new identification measures, designed to reduce mobile number fraud are continuing to win favour in the industry – but there’s a caveat, with one vendor calling on Australia to go even further.

The new telco regulations, announced by the Federal Government earlier this week, are aimed at preventing the hijacking of mobile numbers which can then be used to access personal and financial information.

In announcing the plans, Paul Fletcher, Minister for Communications, said fraudulent number porting affects thousands of consumers each year with average losses of more than $10,000.

The new measures include the mandatory use of two-factor authentication before mobile numbers can be transfered between providers.

The Australian Communications and Media Authority, which has been directed to make the new rules mandating stronger identify verification processes, hailed the move earlier this week.

Now the Telecommunications Industry Ombudsman too, has applauded the announcement, noting it has received complaints about consumers having their bank accounts drained and email inboxes accessed through mobile number theft.

Ombudsman Judi Jones says the announcement is a positive step toward safeguarding mobile consumers from fraudsters.

“A lot of work has been done over the past year by the telco industry to address the security risks associated with mobile phone number theft, and I welcome the industry’s continued work towards consistently robust identity verification procedures. It is important to ensure these procedures keep up with evolving technological risks.”

Also giving a thumbs up – albeit a guarded one – is Robert Schwarz, managing director of software vendor Nuance Communications which says the move is ‘a step in the right direction’ – but one which can be improved on.

Schwarz says Nuance research shows fraud is a ‘massive’ issue impacting nearly a quarter of Australian consumers every year to the tune of $3,300 per person.

“As an organisation operating in fraud prevention and security, we still see too many cases where traditional knowledge based security methods like password are the industry norm,” Schwarz says.

“Cracking passwords has really become a routine for hackers, and I’m not surprised to see an average of 250 data breaches reported every six months in the context of the notifiable data breach scheme.”

He’s calling for the regulations to be extended to all industries handling consumer or business data, rather than just niche scenarios like telco rules.

“Another concern is that MFA and 2FA are only going to be viable for a limited amount of time. Hackers are learning fast and already discovering ways to bypass them.

“Even though they are still very secure, it is a patchy approach that fraudsters will force us to revisit in just a few years.”

He notes that just a few weeks ago, the FBI released a notification stressing out the insecurities of MFA, and urging organisations to start planning beyond with biometrics security.

Equinix brings edge to Sydney

Equinix is taking its Australian customers to the edge, providing Network Edge Services via Sydney.

Network Edge Services (NES) provides virtual network services, enabling enterprises to deploy network functions virtualisation from multiple vendors to connect their digital supply chains at Equinix, without a physical data center deployment or hardware requirements.

The Sydney metro availability of Network Edge is the first in Asia Pacific, alongside Singapore, which has also just been announced. NES was launched in the United States and Europe in June.

John Hanahan senior director of interconnections, told Telecom Times: “Customers have been trained by the clouds to consume things as a service and so what we have done here is effectively enabled customers to establish virtual points of presence in our facilities using industry leading network and security branded applications.”

Initial offerings include a Cisco virtual router, Versa SDWan and firewalls from Juniper, Palo Alto and Fortinet among the initial offerings available.

“Customers can select those applications out of our portal or via our APIs, deploy them on Equinix hosted infrastructure and then from there connect in real-time to the various destinations they want,” Hanahan says.

“We will continue to enhance the portfolio of vendors to really enable customers to use the software and hardware vendors their people are trained to use,” Hanahan says. “It’s important for enterprise customers to be able to leverage the same vendors they’re deploying in their branch offices, data centres and even in the cloud.”

Network Edge includes built-in integration to Equinix’s global on-demand, SDN-enabled interconnection service, Equinix Cloud Exchange Fabric (ECX Fabric). The company says by combining Network Edge with ECX Fabric, customers can deploy virtual edge devices and interconnect them to clouds and network providers located in new global markets, extending their reach to new business partners around the world.

Hanahan says Network Edge’s use cases include cloud-to-cloud routing, migrating from one cloud to another, hybrid cloud firewall and branch to cloud SD-Wan.

“In a multicloud arrangement for example you might deploy a virtual router in our facility to be able to connect an application that might be sitting in Amazon Web Services, with the database within Oracle for example.

“Instead of connecting those two over the public internet where the performance might not be consistent and latency might vary, we have the edge presence for both of those customers and can very quickly connect them together via a virtual router the customer places in our facilities.”

Hanahan says one Australian multinational has already done just that, utilising Equinix’s US NES services. NES launched in the US and Europe in June.

“By doing a cloud to cloud application architecture in this fashion they’re able to deliver a much better performance to the end users while taking advantage of the best of breed capabilities of each cloud.”

Hanahan says other use cases include customers extending their reach into new markets to connect to new clouds, using virtual points of presence to enable multicloud connectivity to clouds resident in the another market.

The figures behind Telstra’s 2022 transformation

Telstra chairman John Mullen used this week’s AGM to play up the telco’s ‘T22’ turnaround strategy – unveiled in June 2018 – dubbing it ‘the most radical and ambitious [transformation] being undertaken by any communications company in the world today’.

The three year strategy included the establishment of a new wholesale infrastructure company, Telstra Infraco, simplified product offerings and business structure and a cost reduction program.

Mullen told the AGM that in the year since launching T22, the company has reduced more than 1,800 consumer and small business plans to just 20 in market plans and done away with lock in contracts on new consumer and small business mobile and fixed plans.

The number of calls coming into Telstra’s contact centres has dropped by more than 15 million a year, with the company planning to reduce them by another 16 million by 2022.

That’s no doubt helping drive cost reductions too, with Mullen noting $1.2 billion of annual cost reduction since FY16.

Also helping on the cost reduction front – but not something Mullen was keen to play up – is the 6,000 direct employee role reductions this year.

While Mullen dubbed the reduction ‘a great concern’ given that ‘every employee is a person with a family, hopes and aspirations’ he noted that one of the biggest drivers was the transfer of Telstra’s fixed line business back to government ownership.

“While we have lost some 6,000 employees, NBN now employs 6,400 and many thousands of contractors, so overall employment has risen in the industry.”

Mullen shot down criticism of chief executive Andy Penn’s $5 million pay packet, saying the board had spent a ‘huge amount of time’ consulting to find an appropriate compensation scheme after being given a ‘first strike’ last year when shareholders rejected the company’s remuneration report.

He said share prices can’t be the only metric on which management performance is rated, and cautioned that ‘first class leadership’ is critical in the current environment of transformation and retaining top management depends on a number of things, including remuneration.

“When I was younger almost every executive aspired to being the CEO of a big public company. Today there is a real risk that the media scrutiny, populist criticism and governance challenges are starting to lead talented executives to look for alternative career paths such as private equity where they can build their careers out of the spotlight.

“Transparency and accountability are of course good things, but we need to be very careful that the pendulum does not swing too far and we lose top talent, as this will ultimately only be to the detriment of shareholders.

The company reported a drop in profit this year with Mullen laying part of the blame – some $600 million in negative recurring EBITDA headwind – on the NBN but promising FY2020 will be ‘pivotal’ for Telstra, with expectations of up to $500 million in growth.

Mullen saved much of his chairman’s speech to slam the NBN, saying it is a ‘state-owned monopoly that is going to cost the country more than $50 billion’ – while also accepting that Telstra must bear part of the blame due to its recalcitrance in helping the government at the time.

He says all Australians would have had access to better high-speed broadband at ‘a fraction of the cost’ if the NBN had not happened.

“It is always easier to comment with the benefit of hindsight, but it is my view that over the last 10 years private sector competition between strong players such as Telstra, Optus, TPG and others was always going to build 100MB broadband access and speed to the majority of the population of Australia, in an ongoing competitive landscape and at no cost whatsoever to the taxpayer.”

NBN taken to task by ACCC over discriminatory behaviour

NBN Co has received a slap down from the ACCC for discriminating between RSPs and for providing Macquarie Telecom with pricing details months ahead of its competitors.

The government-owned wholesaler has been given a formal warning over the discrimination with the ACCC accepting a court enforceable undertaking from NBN that it will put in measures to ensure similar doesn’t happen again.

The action, which relates to NBN’s enterprise Ethernet offerings, is the first time the ACCC has used its power to issue a formal warning for a contravention of the service providers. NBN Co is prohibited under Competition and Consumer Act obligations from discriminating among retail service providers in the supply of regulated wholesale services and related activities.

The ACCC says from at least January 2018, NBN offered ‘materially different’ commercial terms to different RSPs as it upgraded its infrastructure to support high-speed, business-grade services. It also provided Macquarie Telecom (which ACCC says did nothing wrong) with indicative pricing information for its new enterprise ethernet service in January 2018. It wouldn’t be until May 2018 that other RSPs would see that same information.

ACCC chair Rod Sims says NBN Co failed to comply with its non-discrimination obligations on a number of fronts.

“These legal obligations were enacted to ensure that NBN Co does not distort competition in the market for retail NBN services, such as by favouring larger RSPs.”

The ACCC says it found no evidence that NBN’s actions resulted in specific harm or competitive detriment and that market feedback found NBN’s entry to the wholesale markets had increased competition, particularly in areas where Telstra was the only other fixed-line infrastructure provider.

Sims says the action was nonetheless a serious breach of NBN’s non-discrimination obligations.

“The undertaking we have accepted from NBN Co is intended to ensure that all access seekers can compete on an equal footing going forward.”

In its undertaking to the ACCC, NBN co admits it didn’t have appropriate processes in place to ensure compliance with transparency and non-discrimination obligations. It has committed to offering consistent contract terms and to providing information at the same time to all access seekers, as well as implementing ‘extensive compliance processes’. An external audit of its compliance will also be required.

“We will be closely monitoring NBN Co’s conduct under the enforceable undertaking, and reserve our right to take further action if we are not satisfied,” Mr Sims says.

Australia-US negotiate Cloud data sharing

Australia and the United States have begun negotiations which could see law enforcement and security agencies on both sides of the Pacific gaining access to data held on cloud platforms in the other country.

Formal negotiations for a bilateral agreement under the US Clarifying Lawful Overseas Use of Data Act – otherwise known as the Cloud Act – began this week.

If formalised and approved the agreement will require service providers in Australia and the United States ‘to respond to lawful orders from the other country without fear of running afoul of restrictions on disclosure and thus provide more access for both countries to providers holding electronic evidence that is crucial in today’s investigations and prosecutions,” says United States Attorney General William Barr.

In plain English, the Cloud would require cloud and social network providers in Australia to hand over data relevant to serious crime when requested by US law enforcement agencies, and vice versa. The Act removes some of the barriers to gaining access to the data which the US says can take between six months to two years, with requests for data being submitted first to the relevant government for approval. The Cloud Act aims to reduce that to weeks or even days.

The opening of negotiations comes just a week after the US signed a similar ‘world first’ data access Cloud Act deal with the UK.

New legislation would need to be written and passed in Australia before the deal could become official.

Australian Minister for Home Affairs, Peter Dutton, says “We have some way to go before the agreement is finalised, but once in place it will mean service providers based in the United States can respond directly to electronic data requests issued by our enforcement agencies under Australian law for data critical for the prevention, detection, investigation and prosecution of serious crime.”

Dutton current processes for obtaining electronic information held by service providers in other countries risk loss of evidence and unacceptable delays to criminal justice outcomes.

“When police are investigating a terrorist plot or serious crime such as child exploitation, they need to be able to move forward without delay, but within the law – and the Cloud Act strikes exactly that balance,” Dutton says.

“This is the way of the future between likeminded countries.”

The negotiations come as the Australian, US and UK governments call on Facebook to hold off on  its plans to deploy end-to-end encryption across Messenger, Instagram and WhatsApp messaging.

Multi-cloud adding new challenges: report

Multi-cloud is giving CIOs headaches according to a new report, which found that application experience is suffering as a result of companies increasingly using more than one pubic cloud in conjunction with a private cloud infrastructure.

The survey, conducted by Forrester Consulting on behalf of New York based application experience specialist Kemp Technologies, confirms that multi-cloud is fast becoming the standard for business with 84 percent of CIOs surveyed expecting multi-cloud will make up to half of their hosting environment in the next three years – up from an average of less than 30 percent today.

But the report – based on a survey of 150 companies across Australia, India, Indonesia, Singapore and Hong Kong – also found that as more critical applications migrate to the public cloud, the ability to achieve visibility and control is becoming crucial to maintaining resilience and availability as well as ensuring the optimum application experience.

“The migration of applications into public cloud environments or across multiple clouds can enable better application experience, control and flexibility when paired with load balancing infrastructure,” says Tony Sandberg, Kemp APAC regional director.

IT teams are predicting a more complex environment deploying applications in the cloud and are expressing a clear need to simplify deployment, get better management and control of those applications. Speed, agility, scalability, and automation are now the top requirements for these load balancers.

“Deployment of load balancing on a per-application basis that matches exact requirements will become more common to achieve the speed and agility required today,” the report says.

“Where load balancers were once configured and left to run for months or even years at a time, IT teams today are looking to automation to help build and deploy load balancers in desired states more frequently, ensuring applications can be scaled up and down, migrated to and from different clouds and to address failover scenarios.”

ACCC to NBN: Improve service or pay the cost

Sort the service problems or pay the price. That the message from the Australian Competition and Consumer Commission, as it proposes new terms – including increased rebates for missed appointments, late connections and unresolved faults – in an effort to improve NBN Co’s wholesale service levels.

The consumer watchdog has released a draft decision for new regulated wholesale terms for the service standards NBN provides to RSPs. Among the proposals is that one-off rebate payments switch to a daily penalty, at an increased rate, and rebate rates for missed appointments increased from $25 to $75. Also flagged is a $20 monthly rebate introduced for underperforming fixed wireless services.

The proposals are part of the NBN wholesale service standards inquiry, which kicked off back in 2017 as complaints about the service soared. The Telecommunications Industry Ombudsman’s Annual Report for 2018-2019 noted 11,635 complaints about changing providers or establishing connections to the NBN, with the number of complaints rising from 6.7 per 1000 in the first half of the year to 8.6 in the second half.

Once connected, the complaints continued, with 23,362 complaints recorded about service quality.

In August the ACCC also flagged underperforming broadband as an issue, noting in its Measuring Broadband Australia report that 12.4 percent of consumers were continuing to experience underperforming services that rarely come close to reaching maximum plan speeds.

This week’s draft decision report says daily rebates for delayed connections should involve ‘a meaningful financial consequence for each delayed connection, providing a clear incentive for NBN Co to promptly resolve connection delays and minimise harm to end-users’.

With that in mind, the ACCC has suggested a connection rebate of $13.50 per business day for each missed connection service level, up to 20 business days.

Slow fixing of faults would see NBN charged $20 a day for the first five business days, then $30 a business day, up to a cap of 40 business days.

Rod Sims, ACCC chair, says it’s unusual for a monopoly telco network operator of NBN’s scale not to face regulated services standards.

Sims says the draft arrangements are designed to provide NBN Co with ‘more incentives’ to lift service standards to retail service providers, something Sims says should, in turn, improve service to consumers by reducing instances of missed appointments, delayed connections and unresolved faults.

“We have heard long-standing concerns from consumers about how frustrating, inconvenient and costly these issues can be,” Sims says, adding that there needs to be more action from NBN Co and RSPs.

NBN and RSPs are currently negotiating a new wholesale broadband agreement, setting out access to NBN’s wholesale service, and Sims says the ACCC’s proposal is expected to complement industry negotiations.

“These proposed regulated terms will establish baseline service standards, while allowing parties freedom to bargain on specific terms,” he says.

“We expect NBN Co and other service providers to identify more improvements that will benefit consumers.”

Feedback on the draft decision is open until 01 November.