SpotON – our blog around digital compliance in enterprises
SpotON – Digital Compliance
Read here regularly on selected topics, developments and news from the areas:
SAM & Cloud – use software legally compliant and cost-effective
IT Security & Threat Intelligence – protect the IT landscape effectively
Data & Digitization – manage digital assets across the lifecycle
Complion Insights – look behind the scenes of digital compliance consultants
29/09/2022
Vendor Observer Competence Center (VOCC) – Your monthly update on the software and cloud market
The software and cloud market is highly dynamic - from new products & services, to changes in contract & license terms, to M&A activities. In the day-to-day business, one or the other important change can easily get lost. The VOCC is the monthly service for IT managers, vendor managers, IT buyers and license/contract managers who want to stay up to date on the licensing of software and cloud services and regularly exchange ideas with like-minded people.
The first Software Asset + Cloud Services Conference (SACS) took place on September 21 and 22, 2022 in Frankfurt/Main. Organized by Voice e.V. and Complion, the gathering of IT executives, vendor managers, IT buyers and license/contract managers offered both interesting technical presentations and a great opportunity for knowledge exchange as well as networking.
License management for specialist software – a necessary extension?
The focus of classic license management is usually limited to a few software vendors. Special applications offer high potentials, but are often disregarded.
Cybersecurity October Review: Zero-Day Vulnerabilities in Microsoft Exchange Servers
In early October, reports became public about two vulnerabilities in Microsoft Exchange Server 2019, 2016, 2013 - an email server software widely used in enterprises. To exploit them, malicious actors chain both vulnerabilities together. Thus, they can execute malware on Exchange Server to move further into the network, exfiltrate and/or encrypt data. In addition to the severity of the vulnerability, the problem is that malicious actors, presumably a state-sponsored organization, identified and exploited it before Microsoft did.
