The ITAM Roundup: 1/21/24

5000 Employee UK Company Confronted by Java Audit E-Mails

Oracle is still out for Java compliance. A medium sized UK firm faced potential licensing issues from Oracle regarding Java downloads. Redress Compliance implemented a strategy that included clear communication plans, advisory roles for Java-related matters, and a robust audit defense strategy, which reduced Oracle's initial claims of $1.8 million over three years were entirely dropped. Another case study demonstrating that ITAM professionals should be careful around the complexities of Java.

5,000 Employees UK Company Confronted by Java Audit E-mails

5,000 Employees UK Company Confronted by Java Audit E-mails

Redress Compliance - Just another WordPress siteFredrik Filipsson

As Broadcom nukes VMware's channel, the big winner is set to be Nutanix

As we have seen over the last few months, Broadcom is focusing on selling VMware Cloud Foundation and transitioning customers to subscription licensing, ending VMware's partner program. Nutanix is uniquely poised to benefit from this disruption, with financial analysts noting that the upheaval may allow Nutanix to gain market share from VMware, leading to a rise in Nutanix's stock price. Additionally, Cisco's partnership with Nutanix is seeing increased channel activity, making it a beneficiary as well.

Nutanix set to benefit most from Broadcom’s VMware upheaval

A lot of IT depts can’t wait to get past their ESX addiction

The RegisterDan Robinson

TSMC delays second Arizona chip foundry

TSMC, the world's largest semiconductor manufacturer, has announced a delay in the opening of its second chip foundry in Arizona, USA. This comes after the first foundry faced delays due to labor disputes, safety issues, and workforce development programs. The second facility, which is designed for producing advanced 3nm chips, is now set to open in 2027 or 2028, rather than the previously planned 2026 date. The delay is attributed to TSMC's anticipation of grants from the CHIPS and Science Act, which encourages semiconductor manufacturing capacity in the US.

TSMC delays second Arizona chip foundry

Taiwanese silicon giant TSMC will push back the opening of the second of its two planned chipmaking facilities in Arizona. The move comes nearly six months after delaying the first plant.

ComputerworldJon Gold

Tech layoffs in 2024: A timeline

The past year saw a frenzy of layoffs across the tech industry. Despite expectations for rebounds, job cuts have persisted, including some that are extensions of those announced in 2023. In the previous year, major tech companies, including Amazon, Cisco, Meta (parent company of Facebook), Microsoft, Google, IBM, SAP, and Salesforce, along with smaller firms, implemented significant workforce reductions.

Tech layoffs in 2024: A timeline

Technology companies have continued to lay off staff in 2024, despite improving fundamentals. Here’s an updated timeline of notable layoffs, and reasons why Big Tech is in turmoil.

ComputerworldJon Gold and Charlotte Trueman

In addition, Computerworld cites information provided by this layoffs tracker, Layoffs.fyi:

Layoffs.fyi - Tech Layoff Tracker and Startup Layoff Lists

[LIVE] Tracking all tech startup layoffs — and lists of employees laid off — since COVID-19. This page is constantly being updated.

Layoffs.fyi

Layoffs, Layoffs, and more Layoffs:

Google Continues With Layoffs in 2024, CEO Warns of Further Cuts Ahead

Google has announced a new round of layoffs in 2024, affecting the YouTube business branch and Google's advertising sales teams, with over 100 jobs cut so far. CEO Sundar Pichai warned employees of further cuts in the coming months as part of the company's reorientation toward artificial intelligence and new projects. While Google is reducing its workforce, it is also investing in expanding its business operations, such as the construction of a $1 billion data center in the U.K., which is expected to create additional jobs.

Google Cuts More Jobs in 2024 - Spiceworks

Google has continued with its latest round of layoffs, hitting numerous teams in the organization. Find out more.

SpiceworksAnuj Mudaliar

CentOS Linux End of Life

CentOS Linux 7 is reaching its end of life on June 30, 2024, which means it will no longer receive support after this date. CentOS Linux has been a popular free alternative to Red Hat Enterprise Linux, known for its stability and security. The CentOS Project will now focus on CentOS Stream, an upstream distribution that tracks ahead of RHEL and allows open-source community members to contribute to future RHEL versions. Users of CentOS Linux 7 are advised to migrate to other supported operating systems, including RHEL8, RHEL9, or CentOS Stream, to ensure continued support.

CentOS Linux End of Life - Lansweeper

CentOS Linux is reaching its final end of life on the 30th of June, 2024. Make sure to prepare for your migration ahead of time to remain supported.

LansweeperLaura Libeer

Microsoft Drops Copilot Restrictions

Microsoft has removed restrictions on Copilot for Microsoft 365, allowing Office 365 E3 and E5 tenants to use it with no minimum purchase requirement. Small business tenants with Microsoft 365 Business Standard or Business Premium can purchase between one and 299 Copilot licenses. While this change is welcomed, organizations should carefully consider its advantages and readiness before purchasing Copilot licenses through trials.

Microsoft Drops Copilot Restrictions

In a January 15 announcement, Microsoft says that they have removed the previous restrictions that applied to purchases of Copilot for Microsoft 365 licenses. Office 365 E3 and E5 tenants can now buy and deploy Copilot and the requirement to buy a minimum of 300 licenses is gone. Suddenly, 2024 has become much more interesting from an AI perspective for many Office 365 tenants.

Practical 365Tony Redmond

For more on this same story, check out UpperEdge as well:

4 Major Updates to Copilot for Microsoft 365

Here are the updates Microsoft announced for Copilot for Microsoft 365 for customers considering adopting Copilot for Microsoft 365.

UpperEdgeAdam Mansfield

The Future of Edge Computing: Micro Data Centers Are Redefining Security and Sustainability

The rise of micro data centers is redefining how businesses handle data processing and storage at the edge of their networks. These compact, modular units are designed to meet specific site requirements and process data close to its source, improving performance, security, and compliance. This shift towards micro data centers reflects the evolving needs of modern businesses in managing data in a distributed and efficient manner.

Edge Computing and the Rise of the Micro Data Center - Spiceworks

Edge computing has transformed the nature of the datacenter, creating a need for micro data centers that often must fit into unconventional spaces that can be environmentally challenging.

Spiceworks

3 Common Mistakes When Counting Your Oracle Named User Plus License Requirements

Properly counting Oracle Named User Plus (NUP) licenses is crucial to avoid financial exposure during an audit. The below article gets into some common mistakes, such as neglecting minimum license requirements, and more. Additionally, relying solely on SAM tools for counting may not provide accurate results, and running scripts of your system environment for Oracle is certainly not recommended as it could expose unnecessary information.

3 Reasons You Miscounted Your Oracle Named User Plus Licenses

To correctly count the number of Oracle Named User Plus licenses you require, be sure to avoid making any of these three common mistakes.

UpperEdgeErwann Couesbot

How To Do A Successful Procurement Negotiation

To conduct a successful procurement negotiation, it's essential to consider key factors such as the actual software cost, delivery timing, and vendor performance feedback. Understanding your business needs and aligning them with the vendor's business model is crucial. Two important negotiation strategies are Zones of Possible Agreements (ZOPA), where both parties find a win-win pricing zone, and Best Alternative To a Negotiated Agreement (BATNA), which prepares for unsuccessful deals. Utilizing services like Zluri can streamline the procurement process, leveraging their expertise and data to secure favorable deals.

How To Do A Successful Procurement Negotiation

During the negotiation process, it is helpful to have an objective that is crystal clear. Therefore, before starting with the discussions, you should ensure that you have a clear head on your requirements.

ZluriRohit Rao

Understanding Software Licensing Models

Understanding the basics around software licensing is critical in ITAM. This article serves as a comprehensive guide to different software licensing models, explaining how they work, the types that exist (perpetual, subscription-based, usage-based, and open source), and factors to consider when choosing a model (such as budget, project duration, and scalability).

Understanding Software Licensing Models

Cost efficiency and flexibility with concurrent software licensing. Explore types, benefits, and considerations for dynamic IT environments.

InvGate Inc.Pablo Sencio

Microsoft ‘senior leadership’ emails accessed by Russian SolarWinds hackers

Microsoft has disclosed that it fell victim to a nation-state attack by the Russian state-sponsored group Nobelium, the same group responsible for the SolarWinds attack. The hackers gained access to some members of Microsoft's senior leadership team's email accounts through a password spray attack on a legacy non-production test tenant account. Microsoft stated that there is no evidence of the threat actor having access to customer environments, production systems, source code, or AI systems.

Microsoft “senior leadership” emails accessed by Russian SolarWinds hackers

The hackers were able to steal emails and documents in a November attack.

The Verge

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix has identified two zero-day security vulnerabilities in NetScaler ADC and NetScaler Gateway, with one allowing remote code execution and the other leading to denial-of-service. Users of affected versions are advised to upgrade to a supported version and not expose the management interface to the internet. VMware has reported a critical security vulnerability in Aria Automation that could grant unauthorized access to remote organizations and workflows, requiring an upgrade to version 8.16 to mitigate the issue. Atlassian has disclosed a critical remote code execution flaw in Confluence Data Center and Confluence Server, urging users to update to the latest available version to address the vulnerability.

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix Patches Critical RCE Vulnerabilities (CVE-2023-6548, CVE-2023-6549) Exploited in Wild.

The Hacker NewsJan 17, 2024Newsroom

Juniper Fixes Critical Vulnerability in Firewalls and Switches

Juniper Networks has addressed a critical Out-of-bounds Write vulnerability (CVE-2024-21591) in its SRX Series firewalls and EX Series switches. This vulnerability could lead to remote code execution, potentially compromising sensitive data or disrupting operations. Juniper has released security updates for affected OS versions, and users are advised to apply these patches to mitigate the risk. In the meantime, as a temporary workaround, disabling J-Web or restricting access to trusted hosts is recommended.

Juniper Fixes Critical Vulnerability in Firewalls and Switches - Lansweeper

A critical RCE vulnerability has been patched in Juniper Network’s SRX Series firewalls and EX Series switches. Update vulnerable devices now!

LansweeperLaura Libeer