NEW YORK — The Episerver CMS is morphing into a digital experience platform, led by CEO Alex Atzberger, the former SAP C/4HANA customer experience platform lead. He departed SAP in October and joined Episerver last month.
We sat down with Atzberger at NRF 2020 Vision: Retail’s Big Show to discuss recent Episerver acquisitionssuch as Insite Software, future acquisitions, how digital experience and customer experience differ, why he left SAP and his vision for Episerver’s acquisition and product roadmap.
Alex Atzberger: It happened very fast. When I desired to leave SAP, I looked for a cloud company with triple-digit [hundreds of millions of dollars in] cloud revenue. I was looking for something in CX, the most exciting and fastest-growing part of enterprise software. And I was looking for something that had the right strategic mindset.
[Episerver] had been acquired by Insight Partners, which had put money into the business, so they’re at an inflection point. They are the leader in what is still king, which is content. Even if you look at commerce-centric businesses, content matters a lot. And how do you marry content and commerce together? There are very few companies that have both of those embedded, and Epi is one of them. It worked out well, and the timing was perfect, very fast.
You’ve only been at Episerver for a month, but how would you describe your vision for the company and the product roadmap moving forward?
Alex AtzbergerCEO, Episerver
Atzberger: We have an untold story. People are really, really happy with this technology. One big part of the strategy, going forward, is expansion in North America, and telling the story of Epi.
Because of the size of the U.S. market, we have to decide on which specific verticals to focus on. There’s a large part of the economy that is not digital, that is somehow forgotten. These companies will not work with [platform vendors] that are too large; they need [vendors] that are large enough to serve, but small enough to care about the results. … Ultimately commerce and content are the face of so many brands, the heart of your business. … We’re going to focus on that market, and bringing automation to content, using AI and automation to scale [digital operations].
Do you feel like you’re competing withyour old company SAP, since Episerver CMS is now on its way to being a full-featured digital experience platform with content and commerce clouds?
Atzberger: When I built the SAP CX platform, we built it under the notion of connecting supply chain and demand chain. It was really a relevant message for very large companies that were looking at one platform. Epi is much more focused on the digital experience, truly understanding the digital customer, and doing it in such a way that companies between, say, a million and a billion, are the sweet spot. It’s 80% or 90% whole different [market].
What happened at SAP?Bill McDermott left[in October], and you weren’t far behind. It was all very quick.
Atzberger: If you look at the big picture, it was 15 years [at SAP]. We all want to be CEO of a company. At one point it becomes harder, and you basically end up being part of a company for life.
There’s too much innovation going on, too much excitement going on that I wanted to be part of as well. Ariba and CX are a massive part of SAP. I’m very proud of that and I’m proud of what SAP has done as a company. With the CEO change it was a natural point [to depart].
How do your past experiences atSAP and SAP Aribacolor what you’ll be doing at Episerver?
Atzberger: Those involved transformation, and I think it’s going to be a bit of the same here, rallying people around a common cause and a common brand.
The acquisition of B2B e-commerce company Insite Software, which caters to manufacturers and distributors, happened within days after you joined Epi. The deal probably was in the works before you started, right? Did you have final sign-off on the acquisition, or was the deal finished before?
Atzberger: Yes, it was in the works. The strategic direction was important in speaking about it with [Epi’s private equity owners] Insight Partners. There’s a huge B2B commerce opportunity.
When the acquisitions of Insite and [product content tagging automation technology] Idio were discussed with me, not only was I supportive of them but also it attracted me to Episerver as a company. The acquisitions made it so much more compelling to be at this place, at this time. I went to Minneapolis and met [Insite Software CEO] Steve Shaffer, and saw how well they executed against their goals. It left me inspired. I left Minneapolis thinking, ‘This is part of the future of Epi.’
What can you tell me about how you’re thinking about future acquisitions? You’re growing, you’re flush with cash. You can’t be done. What’s next?
Atzberger: We’re not done. Our focus now is the integration of Idio and Insite. What’s interesting to me is that there are a couple of trends that continue to be very important: One, understanding everything about your customer, and two, serving up the next best action. Everything that we do in the foreseeable future will be focused on the digital experience, and helping our customers get better and more informed data about their customers so they can make better decisions.
Companies at the forefront of digital transformation recognize how critical it is to enable all of their people with the right technology and tools. That’s why, in industries like retail, hospitality, and manufacturing, there’s a movement underway to digitally empower the Firstline Workforce—the more than 2 billion people worldwide who work in service- or task-oriented roles.
With Microsoft 365, the world’s productivity cloud, we’re in a unique position to help companies of all sizes and across all industries provide their employees the tools and expertise they need to do their best work, without sacrificing the security of their organization or customers’ data. Giving Firstline Workers the tools they need requires companies to address unique user experience, security and compliance, and IT management.
Microsoft 365 for Firstline Workers
Microsoft 365 combines intuitive best-in-class productivity apps with intelligent cloud services to empower your Firstline Workforce.
It’s inspiring to see how industry leaders, like IKEA and Mattress Firm, are driving higher levels of employee engagement and enhancing the customer experience by putting tools like Microsoft Teams into the hands of their Firstline Workforce. IKEA is connecting everyone in the organization with familiar features like chat and video calls and digitizing firstline processes such as shift management to save time and cost.
This video was created by Microsoft, with the agreement of Ingka Group.
Mattress Firm is empowering Firstline Workers with real-time access to the information, resources, and expertise they need to delight customers and provide a better shopping experience.
Ahead of next week’s National Retail Federation (NRF) tradeshow, we are excited to introduce new capabilities for Firstline Workers coming to Microsoft 365. Here’s a look at what’s coming soon:
New tools that make it easier for Firstline Workers to communicate and manage tasks
Walkie Talkie in Teams—This new push-to-talk experience enables clear, instant, and secure voice communication over the cloud, turning employee- or company-owned smartphones and tablets into a walkie-talkie. This functionality, built natively into Teams, reduces the number of devices employees must carry, and lowers costs for IT. Unlike analog devices with unsecure networks, customers no longer have to worry about crosstalk or eavesdropping from outsiders. And since Walkie Talkie functions over Wi-Fi or cellular data, this capability can be used across geographic locations. Walkie Talkie will be available in private preview in Teams in the first half of this year.
Intuitive push-to-talk experience to connect team members across departments and locations.
Tasks targeting, publishing, and reporting—With Tasks in Teams, now customers can drive consistent execution of store operations at scale across all of an organization’s locations. Corporate and regional leadership can send task lists targeted to the relevant locations, such as specific retail stores, and track their progress through automatic real-time reports. Managers have tools to easily direct activities within their stores, and Firstline Workers have a simple prioritized list available via their personal or company-issued device showing them exactly what to do next. Tasks targeting, publishing, and reporting is coming to Teams in the first half of this year.
Corporate headquarters can target, assign, and track tasks across locations. Firstline Workers can view tasks assigned to them and across the store.
Workforce management integrations—Customers using leading third-party workforce management systems—such as Kronos and JDA—for scheduling and time and attendance can now start integrating directly with Shifts via Shifts Graph APIs and SDK. Supported scenarios include management of shifts, schedules, schedule groups, swap requests, time off requests, and open shift requests. The JDA connector for Shifts is open sourced and available on GitHub. The Kronos connector for Shifts will also be available on GitHub later this quarter.
Enhanced identity and access management features that make it easier for IT pros to keep Firstline Workers productive and secure
SMS sign-in—With SMS sign-in, Firstline Workers are able to sign in to their Azure Active Directory (Azure AD) account using one-time SMS codes—reducing the need to remember usernames and passwords for all their Microsoft 365 and custom applications. Once enrolled, the user is prompted to enter their phone number, which generates an SMS text with a one-time password. SMS sign-in is a single sign-on (SSO) experience, enabling Firstline Workers to seamlessly access all the apps they are authorized to use. This new sign-in method can be enabled for select groups and configured at the user level in the My Staff portal—helping to reduce the burden on IT.
One-time SMS codes on mobile devices to streamline the sign-in experience for Firstline Workers.
Shared device sign-out—Many Firstline Workers use a single tablet or mobile device that is shared between shifts. This can pose unique security challenges to the organization when different employees who have access to different types of data use the same device over the course of a day. With shared device sign-out, Firstline Workers will be able to log out of all their Microsoft 365 and custom applications and browser sessions with one click at the end of their shift—preventing their data as well as any access to customer data from being accessible to the next user of that device.
With one click, Firstline Workers can sign out of a shared Android device and log out of all applications and browser sessions to prevent sensitive data being shared with another device user.
Off-shift access controls for Teams app—IT administrators can now configure Teams to limit employee access to the app on their personal device outside of working hours. This feature helps ensure employees are not involuntarily working while not on shift and helps employers to comply with labor regulations. This feature will begin rolling out to customers this quarter.
Display a message and/or disable access to Teams app when Firstline Workers are off shift.
Delegated user management—Firstline Managers can approve password resets and enable employees to use their phone numbers for SMS sign-in, all via a single customizable portal enabled by IT for Firstline Managers. Delegated user management can give Firstline Managers access to the My Staff portal, so they can unblock staff issues—reducing the burden of identity management on IT, and keeping employees connected to the apps they need on the job.
Through the My Staff portal, delegated user management enables a Firstline Manager to manage their team’s credentials and assist with password resets.
Inbound provisioning from SAP SuccessFactors to Azure AD—Azure AD’s user provisioning service now integrates with SAP SuccessFactors, making it easier than ever to onboard and manage Firstline Workers’ identities at scale, across any application using Azure AD. This feature—in public preview—builds upon the ability to provision users to Azure AD from Workday, another popular human capital management (HCM) system, already generally available. Integrating with these systems of record helps IT to scale Firstline Workers’ onboarding and productivity from day one.
With Azure AD’s user provisioning service now integrated with SAP SuccessFactors, as well as Workday, it’s easier than ever to onboard Firstline Workers user identities at scale. Shown here, you can start the provisioning cycle and use the progress bar and provisioning logs to track the provisioning process.
All of these capabilities are expected to roll out in the first half of this year except where noted.
Empowering Firstline Workers to gain a competitive advantage
New research in partnership with Harvard Business Review Analytic Services highlights the untapped potential of Firstline Workers in retail.
This is just the next step in our journey to empower every person and every organization on the planet to achieve more. We aim to build tools and experiences for the modern workplace and for workers at all levels of the organization. We’ll continue to develop and bring to market purpose-built Firstline Worker capabilities and experiences in partnership with our customers and industry leaders. And we’ll continue to innovate and build features that simplify work, bring people together, and help organizations big and small achieve more. Come see us next week at NRF 2020 in booth #4501.
Alfresco Software introduced new information governance capabilities this week to its Digital Business Platform through updates to Alfresco Governance Services.
The updates include new desktop synchronization, federation services and AI-assisted legal holds features.
“In the coming year, we expect many organizations to be hit with large fines as a result of not meeting regulatory standards for data privacy, e.g., the European GDPR and California’s CCPA. We introduced these capabilities to help our customers guarantee their content security and circumvent those fines,” said Tara Combs, information governance specialist at Alfresco.
Federation Services is a new addition to Alfresco Governance Services. Users can search, view and manage content from Alfresco and other repositories, such as network file shares, OpenText, Documentum, Microsoft SharePoint, Dropbox.
Users can also search across different databases with the application without having to migrate content. Federation Services provides one user interface for users to manage all the information resources in an organization, according to the company.
Organizations can also store content in locations outside of Alfresco platform.
Legal holds feature provides AI-assisted search for legal teams
The legal holds feature provides document search and management capabilities that help legal teams identify relevant content for litigation purposes. Alfresco’s tool now uses AI to discover relevant content and metadata, according to the company.
“AI is offered in some legal discovery software systems, and over time all these specialized vendors will leverage AI and machine learning,” said Alan Pelz-Sharpe, founder and principal analyst at Deep Analysis. He added that the AI-powered feature of Alfresco Governance Services is one of the first such offerings from a more general information management vendor.
“It is positioned to augment the specialized vendors’ work, essentially curating and capturing relevant bodies of information for deeper analysis.”
Desktop synchronization maintains record management policies
Another new feature added to Alfresco Governance Services synchronizes content between a repository and a desktop, along with the records management policies associated with that content, according to the company.
With the desktop synchronization feature, users can expect to have the same record management policies when they access a document on their desktop computer or viewing it from the source repository, according to the company.
When evaluating a product like this in the market, Pelz-Sharpe said the most important feature a buyer should look for is usability. “AI is very powerful, but less than useless in the wrong hands. Many AI tools expect too much of the customer — usability and recognizable, preconfigured features that the customer can use with little to no training are essential.”
The new updates are available as of Dec. 3. There is no price difference between the updated version of Alfresco Governance Services and the previous version. Customers who already had a subscription can upgrade as part of their subscription, according to the company.
According to Pelz-Sharpe, Alfresco has traditionally competed against enterprise content management and business process management vendors. It has pivoted during recent years to compete more directly with PaaS competitors, offering a content- and process-centric platform upon which its customer can build their own applications. In the future, the company is likely to compete against the likes of Oracle and IBM, he said.
IT departments are central to digital transformation projects in healthcare. But for those projects to be successful, healthcare CIOs will need to ensure they’re ticking off the basic IT checklist while pushing their departments into new territory.
John Kravitz, CIO at Geisinger Health System in Danville, Penn., said digital transformation, or the use of digital technology to change how healthcare operates and delivers care, requires healthcare CIOs to think outside the box and consider new, digital ways to make IT and the overall health system operate more efficiently.
“Looking at transformation and how we’re about to approach that in IT, it’s extremely important that we take off the blinders and we look at things in a different way,” Kravitz said.
Before pursuing a digital transformation project, healthcare CIOs should start with the fundamentals such as making sure the healthcare organization has a solid IT infrastructure in place, according to Kravitz. At the 2019 CHIME Fall CIO Forum, Kravitz and Judy Kirby, CEO of executive search firm Kirby Partners in Heathrow, Fla., talked about why that strong IT foundation is so important and how healthcare CIOs can successfully lead digital transformation projects.
Building a strong foundation
Today’s healthcare CIOs are expected to be experts on emerging technology, yet they’re also tasked with IT basics like keeping the lights on.
“Organizations are saying, ‘We’ve got to be digital; we’ve got to be transformational,'” Kirby said. “Yet they’re really confused on what that means and how to get there.”
For healthcare CIOs to lead digital transformation projects, Kirby said it’s necessary to get four things right first:
Focus on the fundamentals
To get started, Kirby said it’s vital healthcare CIOs take stock of how the IT infrastructure is performing. Having an IT system that functions “exceptionally” can provide a strong foundation for digital transformation projects, she said.
“If you don’t have the IT train on the track, you can’t transform,” Kirby said. “So, you’ve got to do that first, you’ve got to do it well, you’ve got to do it exceptionally.”
She recommended CIOs use key performance indicators to set expectations for IT employees and to provide transparent metrics on what they need to deliver on, she said.
Build up health IT leaders
Building a successful IT team means identifying weak links and finding ways to make the entire team stronger, Kirby said. Healthcare CIOs will need strong leaders to be digital transformation ambassadors, and their success will hinge on relationships within the healthcare organization. CIOs can lead by example to demonstrate how to build those relationships and provide good service, she said.
Kirby gave the example of a successful CIO who “insists on rounding,” or going out into the healthcare organization to assess employee needs and to foster relationships between IT and the clinical staff.
“When he sends his CTO out there to round, they don’t go by themselves,” she said “They go with one of their technicians who has a cartful of goodies — monitors, cables — so that when [they encounter] an issue, they try to fix it right there.”
Keep the IT team engaged
Healthcare CIOs should engage their teams not just by setting expectations but by helping them meet realistic goals and celebrating the victories along the way. Celebrating success can go a long way in keeping the team engaged, she said.
“Don’t just make it when something large is going on, celebrate a lot,” Kirby said. “It keeps them happy, it keeps them successful, it keeps them wanting to do better and wanting to do more. I know you’re busy, but take the time.”
For Kirby, engagement also means taking the time to help the IT team grow and develop, she said.
Lastly, healthcare CIOs need to communicate frequently, in detail and in a way that is easy to understand, Kirby said.
“If there’s one thing we hear when we’re out there doing site visits, it’s, ‘We want a great communicator,'” Kirby said.
Leading digital transformation
Geisinger’s Kravitz comes at digital transformation from firsthand experience.
John KravitzCIO, Geisinger Health System
While Kirby talked about the importance of building a strong foundation to support digital transformation projects, Kravitz spoke about how healthcare CIOs can then drive that transformation within their healthcare organizations.
He said successful digital transformation projects need executive leadership support. CIOs charged with leading the effort not just across IT but across the whole organization should make sure the IT and executive leadership teams are in sync on goals. Doing so presents a vision to employees and sets clear priorities.
Kravitz said a good place to start is to identify three to five processes critical to the organization and then find ways to change and enhance those processes through digitization, such as making it easier for low-acuity patients in emergency rooms to receive care via telemedicine visits instead of waiting hours for an in-person visit.
“Look at those types of things where you make it a lot simpler, a lot cleaner,” Kravitz said. “Look at all the opportunities within your health system for faster service.”
Digital transformation isn’t just a top-down project, according to Kravitz. He said healthcare CIOs need to also start at the bottom by establishing performance targets for employees. Here, it’s important to assess and measure productivity, set clear goals and benchmark those goals, Kravitz said.
Kravitz said healthcare CIOs should also help to create a governance committee of executive and IT leaders from across the organization. The committee is charged with keeping the healthcare organization on the same page during the digital transformation effort. It is also responsible for establishing a communication program that provides regular progress updates and includes meetings for the project. Finally, it should work to develop what Kravitz called a “digital narrative” that will be used to explain the project and get buy-in from employees.
To help businesses stay a step ahead in the digital age, Microsoft has released new research in partnership with Dr. Michael Parke of the London Business School. Surveying 9,000 workers and business leaders across 15 European markets, the research delved into company growth, employee engagement, leadership styles and technology.
According to the findings, change is the new normal as businesses race to adapt and better compete: 92% of European leaders say their organization has recently undergone a major transformation.
And, the number-one transformation challenge in leaders’ minds is company culture.
The study revealed that getting the workplace culture component right can benefit businesses in a significant way.
Companies that were assessed as having ‘innovative cultures’ – generally defined as cultures where new ideas are embraced and supported – were twice as likely to expect double-digit growth. These businesses also seem positioned to win the war for talent: the majority of workers within these organizations (86%) plan to stay in their jobs, as opposed to 57% of those employees working in less innovative cultures.
There are three key attributes that set these innovative companies apart:
I. Tearing down silos and building bridges
Companies with the most innovative cultures have leaders who are not only tearing down silos, they’re replacing them with partnerships and transparency. These leaders are more likely to see effective collaboration as vital for business growth – whether it’s within teams, across teams, or with customers and partners.
Among leaders of highly innovative cultures:
86 percent said collaboration within their teams is very important for future business growth, compared to 70 percent in less innovative cultures.
86 percent said internal collaboration across teams is very important to growth, compared to 72 percent of leaders in less innovative businesses.
79 percent said collaborating externally with their partners is vital for growing their business, compared to just 54 percent of their counterparts in lower-innovation companies.
II. Empowering teams and creating a learning culture
The research shows that in the most innovative companies, leaders are focused on mobilizing their teams and empowering them.
In the most innovative companies, 73 percent of workers say their teams can choose how they approach the work – with only 45 percent of workers in low-innovation workplaces feeling that way. Further, approximately twice as many people in high-innovation workplaces feel empowered to make decisions without a manger’s approval, compared to employees in low-innovation companies.
Finally, nearly three in four employees say their leaders create a culture where it’s OK to make mistakes, compared to just half of the employees in lower-innovation companies.
III. Protect attention and promote flow
Workers report feeling like they waste 52% of their time each week due to things like unproductive meetings and emails, unnecessary interruptions, and time taken to track down information.
The study suggests that a combination of having the right physical environment, tech tools and a manager who supports diverse ways of working can cut this sub-optimal time in half.
However, the data from the study highlights there’s a greater opportunity than just the possibility of employers helping people be more productive. In fact, there’s also a significant opportunity to bolster employee engagement. When people are able to devote all of their attention and energy to a particular task, they are able to work in a flow state – sometimes known as ‘in the zone.’ Employees who can work in this way – at least some of the time – were three times more likely to say they were happy in their jobs
A working culture that values empowerment and autonomy appear to have an advantage in terms of people being able to work in a flow state: 72 percent of employees who report that they are able to work in flow state say their teams can choose how they approach work. In workplaces with low states of flow, only half of workers feel similarly.
In quick summary: the business leaders that will succeed tomorrow are not thinking about how they can make their workforce more productive – they are focused on helping their people be more innovative.
With a nearly 100-year history in film and television, Warner Bros. owns one of the world’s deepest and most significant entertainment libraries. Re-releasing older films in new formats or for new audiences is an important part of the business. It’s also a tremendous cultural responsibility to preserve some of the world’s most beloved stories in perpetuity, Colf said.
“Imagine if a title like the ‘Wizard of Oz’ or a show like ‘Friends’ wasn’t available for generation after generation to enjoy and see and understand,” she said. “We think that’s unimaginable, and that’s why we take the job of preserving and archiving our content extremely seriously.”
The company has redundancy plans in place to handle multiple worst-case scenarios: an earthquake or hurricane that strikes one of the coasts, a fire where the suppression systems don’t kick in or a climate control failure that allows moisture to build up and ruin film stock.
The goal is to have three archival copies of each asset stored in different locations around the world: two separate digitized copies, along with the original physical copy on whatever medium a film or television episode or animated cartoon was created.
Fortunately, original film negatives will last for centuries if stored in the right conditions. But for some older television shows — think episodes of “Alice” shot in the 1970s — the original physical copy has a limited shelf life that requires migration to newer formats. And for today’s films and television shows that are shot digitally, the archival-quality third copy has a very short migration cycle of three to five years, which is challenging to manage.
“Let’s say a TV show is pushing directly into our digital archives; there’s nothing physical,” said Steven Anastasi, Warner Bros. vice president for global media archives and preservation services. “The digital file is going in but I don’t have something I can put in a vault or in a salt mine or anything physical coming into the building.”
Warner Bros. is potentially looking at Project Silica to create a permanent physical asset to store important digital content and provide durable backup copies. Right now, for theatrical releases that are shot digitally, the company creates an archival third copy by converting it back to analog film. It splits the final footage into three color components —cyan, magenta and yellow — and transfers each onto black-and-white film negatives that won’t fade like color film.
Those negatives are put into a cold storage archive. In these highly managed vaults, temperature and humidity are tightly controlled, and air sniffers look for signs of chemical decomposition that could signal problems. If they need the film back, they must reverse those complicated steps.
That process is expensive, and there are only a handful of film labs left in the world that can do it. And the process is not optimal from a qualitative point of view, said Brad Collar, Warner Bros. senior vice president of global archives and media engineering.
“When we shoot something digitally — with zeros and ones representing the pixels on the screen — and print that to an analog medium called film, you destroy the original pixel values. And, sure, it looks pretty good, but it’s not reversible,” Collar said.
“If we can take the digital representation of those pixels and put it on a medium like silica and read it back off exactly as it was when it came out of the camera, we’ve done our preservation job to the very best of our ability. That’s what I love about this,” he said.
It’s not economical to create archival film negatives for every digitally shot television episode in the Warner Bros. library. The company hopes Project Silica might prove to be a cheaper, higher quality alternative to create physical archives of digital content.
There’s much more work ahead to reach that scale — Microsoft researchers would need to significantly increase the speed at which data can be written and read, as well as its density. Warner Bros. envisions its own infrastructure to read data from the glass archives. But both partners see promise in how far they’ve come.
“If Project Silica’s storage solution proves to be as cost-effective and as scalable as it could be — and we all recognize it’s still early days — this is something we’d love to see adopted by other studios and our peers and other industries,” Colf said.
“If it works for us, we firmly believe that this will be a benefit to anyone who wants to preserve and archive content,” she said.
Adobe has extended its Adobe digital experience product portfolio to small and midmarket businesses in an effort to provide enterprise-grade capabilities such as agility, scalability and flexibility to businesses with fewer resources.
The product portfolio for SMBs includes:
Magento Commerce: According to Adobe, this product provides agility and scalability through a portfolio of cloud-based omnichannel platforms. It is designed to enable users to integrate digital and physical shopping experiences. Through the integration of Adobe Stock with Magento Commerce, SMBs with an Adobe Stock subscription will be able to access more than 130 million assets such as images, templates, 3-D assets and stock videos.
Marketo Engage: As part of Adobe Marketing Cloud, Marketo Engage enables users to target individual leads or accounts at scale, as well as measure business impact across customer touchpoints. Additionally, according to Adobe, Marketo Engage offers access to more than 65,000 markets globally to enable users to share best practices to build and formalize marketing strategies.
Adobe Analytics Foundation: Adobe Analytics Foundation was designed to bring the enterprise-grade features of Adobe Analytics to SMBs through the Adobe digital experience platform. Customers can implement the tool at the appropriate level for their organization, and then scale up as needed.
Adobe Sign for Small Business: According to Adobe, the new Adobe Sign for Small Business offers enterprise-grade e-signature capabilities tailored to small businesses in an effort to help digitize signing documents for customer onboarding, contracts, approvals, payments and invoices.
Creative Cloud for Teams: This product enables companies to deploy Adobe digital experience applications. The Creative Cloud Libraries let teams share assets and folders securely, while collaborating and managing changes.
While digitalization was once more of an enterprise-centric theme, SMBs have increasingly taken on the challenge. Historically, it has been more difficult for smaller businesses to digitize their operations due to cost and scale, but in recent years, it has been on the rise. According to Gartner Research, SMBs’ IT spending is predicted to be at a 4.2% compound annual growth rate for the next five years.
Despite a public pledge of “zero tolerance” for malicious activity, a digital ad network previously tied to major malvertising campaigns was still connecting to a malicious IP address involved in traffic hijacking.
Adsterra, an ad network based in Cyprus, was implicated in an extensive malvertising campaign discovered by Check Point Software Technologies in 2018. Adsterra claimed to have blocked the malicious activity and improved its defenses, but a SearchSecurity investigation discovered the ad network continued connecting to a malicious server used in the campaign as recently as last month.
The campaign originally began with a party, dubbed “Master134” by Check Point researchers, posing as a legitimate publisher on Adsterra’s ad network platform. Master134 used more than 10,000 compromised WordPress sites to redirect visitors to a malicious sever in Ukraine with the IP address 188.8.131.52. The hijacked traffic was sold on Adsterra’s RTB platform to other ad networks, where it was sold to other networks before being sold yet again to threat actors running several well-known malicious sites and exploit kits.
In Check Point’s report, researchers described Adsterra as “infamous” and said the ad network had a direct relationship with “Master134” by paying the threat actor for the hijacked traffic. Lotem Finkelsteen, Check Point’s threat intelligence analysis team leader and co-author of the report, told SearchSecurity that Adsterra either knew it was accepting hijacked traffic or chose to ignore the signs.
Adsterra responded to the report with a blog post titled “Zero Tolerance for Illegal Traffic Sources,” in which the company denied the allegations that it was knowingly involved with Master134. The company also blamed other third-party ad networks, even though Check Point reported Adsterra received the traffic directly from Master134’s IP address.
“[W]e would like to emphasize that we do not accept traffic from hacked/hijacked sites. We have zero tolerance for illegal traffic sources,” the statement read. “All publishers’ accounts that were mentioned in that article have been suspended. Malware ads are prohibited in Adsterra Network and we have a monitor system that checks all campaigns and stops all suspicious activity.”
Despite the denials and the supposed actions taken by Adsterra, a SearchSecurity investigation found the ad network was still connecting to the 184.108.40.206 IP address as recently as last month. When confronted with this information, Adsterra offered a series of explanations that called into question the company’s efforts to prevent malvertising and ad fraud.
Open source intelligence tools revealed the 220.127.116.11 IP address, which is still active, was connecting to ecpms.net, a redirection domain owned and operated by Adsterra, during July and August of this year.
SearchSecurity emailed Adsterra in August about the domain’s connection to the Master134 IP address and received a reply from the company’s support team, which said the Adsterra policy team would investigation the issue. The email also said the company “considers the [Master134] case closed.”
We sent a follow-up email to Adsterra asking for more information about how it bans malicious accounts and what steps the company takes to prevent repeat offenders from abusing Adsterra’s self-service platform.
Adsterra Support Team
“When we ‘ban an account’ in our system we block the account and all payments associated with that account. We also block all ads being displayed to that account,” the support team wrote. “We investigate all incoming reports on illegal activities on our network and do our best to prevent them from happening. We utilize special software (both in-house and 3rd party) to scan and monitor ads and traffic 24/7. Furthermore, after the incident with ‘Master134’ we have purchased additional 3rd party software to scan our feed, but you should understand that it is always a cat-mouse game when it comes to catching a ‘bad actor’.”
SearchSecurity also asked Adsterra about the allegations that the ad network was knowingly accepting traffic from malicious sources like Master134. “We serve hundreds of millions of ad impressions per day and we don’t need any illegal traffic because our advertisers simply won’t accept it and pay for it,” the support team wrote.
While the ecpms.net’s connections to Master134 appeared to end following the conversation with Adsterra’s support team, SearchSecurity discovered a second domain owned by the company, 7fkm2r4pzi.com, was also connecting to the malicious IP address. According to RiskIQ’s Passive Total Community Edition, the connections from 18.104.22.168 to the domain began in August shortly after the connections to ecpms.net ceased.
SearchSecurity emailed Adsterra again several times about the second domain, but the company did not respond initially. We then reached out to the ad network’s official Twitter account and asked why the Adsterra domains were still connecting to the Master134 server. In a Twitter exchange, Adsterra said the Master134 threat actors set up a new account, which was also banned. The ad network also said it “blacklisted all traffic with this IP in referrer header.”
“They’ll think twice before sending traffic to our network after no payment,” Adsterra said.
We asked why Adsterra hadn’t taken the step of banning the IP address last year following Check Point’s Master134 and the resulting press coverage, especially since the company said it had “zero tolerance” for such activity.
“Since the publisher’s account was banned without a payout and they removed our link shortly after, we considered they understood their traffic is not welcome here. It took them a while to sign up again,” Adsterra tweeted. “Please also note that blacklisting this IP in a referrer header does not give 100% protection — a portion of traffic can be redirected with no referrer. However, we admit this could have been done before as a precaution. Thus, we have updated our internal policies accordingly.”
Adsterra said the malicious account didn’t received its payment due, but the company couldn’t say whether or not the fraudulent accounts operated by Master134 had ever received payment from the company.
SearchSecurity requested more information about the accounts and the steps Adsterra took to stop the malicious activity on its websites. The ad network responded with information similar to what it previously tweeted but did not address those questions directly.
“The executive team has been notified of this issue,” Adsterra support team wrote. “However, we find this case closed and the new account has been banned as well.”
According to RiskIQ’s PassiveTotal, the connections from Master134 to the 7fkm2r4pzi.com domain ended on Sept. 14, the same day as the above email. Adsterra hasn’t responded to further requests from SearchSecurity.
Adsterra’s prevention methods questioned
Security vendors in the ad fraud and malvertising prevention market said Adsterra’s method of blacklisting the IP address is a largely useless approach and that stronger measures are needed to stop threat actors like Master134.
Hagai Shechter, CEO of Fraudlogix, an ad fraud prevention vendor based in Hallandale Beach, Fla., said restricting IP addresses via HTTP headers isn’t effective because — as Adsterra itself pointed out — threat actors can remove malicious IP addresses from their headers and make HTTP requests with “no-referrer.” In addition, Schechter said public blacklists, even if implemented effectively at the firewall level, are often outdated.
“It’s rare to find a publicly available IP blacklist list that’s going to be recent and that will have the good stuff in there,” he said.
It’s also unclear why Adsterra’s additional investment in ad security and new scanners didn’t prevent the Master134 IP address from repeatedly connecting to the ad network’s domains, given the address was known to be malicious. According to a July blog post titled “We Keep You Safe,” Adsterra said it felt “bound to take action” and announced it had added a second ad security scanner from a vendor called AdSecure to further reduce fraud and malvertising.
However, AdSecure was launched in 2017 by a company called ExoGroup, based in Barcelona. ExoGroup is also the parent company of ad network ExoClick that, like Adsterra, was implicated in the Master134 campaign in 2018, as well as previous malvertising campaigns. According to AdSecure’s website, the company’s “partners” include several ad networks including ExoClick, Adsterra and AdKernel, which was also connected to the Master134 campaign.
SearchSecurity reached out to AdSecure to learn more about how its flagship product worked and its relationship to ExoClick and the other ad networks. The company did not respond. [UPDATE: Adsecure emailed a statement to SearchSecurity the day after this article was published. The statement is contained below.]
SearchSecurity spoke with GeoEdge, the other ad security vendor used by Adsterra, which declined to address the ad network directly. GeoEdge CEO Amnon Siev said that in general, some ad network clients choose to essentially ignore the alerts that GeoEdge provides about malicious activity and allow suspicious traffic and IP addresses on their platforms.
Schechter agreed and said clients have full control over how they use Fraudlogix’s products and some simply choose to look the other way when it comes to signs of click fraud and malvertising.
“That absolutely happens,” he said. “The fuel for the industry is volume. If Google blocks out 10% of their ad traffic, they can still survive, but when you’re a smaller network, that 10% could be the difference between staying in business or not.”
Siev added that he believes AdSecure isn’t an effective solution for preventing ad fraud and malvertising. “I’ve never tested their solution,” he said, “but I know from talking to customers that have switched from them to us what gaps are there.”
He also criticized AdSecure’s connection to ExoClick. “We continue to flag many of [ExoClick’s] campaigns,” Siev said. “They’ve pushed back on us and say there’s no malicious activity in their campaigns.”
In a statement sent to SearchSecurity on Nov. 1, Adsecure sales manager Bryan Taylor wrote “AdSecure is a reporting tool, what clients do with those reports and the measures they implement to prevent fraudulent actors is their decision.
AdSecure is part of Exogroup and is born out of the experience that ExoClick has dealing with advertising fraud. ExoClick has been fighting advertising fraud since 2006 and has used the services of GeoEdge and others over the years. Unfortunately, most of these companies rely on outdated technology and they have proven inefficient to detect many types of fraud, especially the most recent ones, such as push lockers. This triggered Exogroup to invest into the development of a new technology, that would address the wide scope of issues that plague the online advertising ecosystem today,” Taylor wrote.
There is no silver bullet to address the issue of malvertising. And there is no such thing as 100% safe. There is a very good reason why people setup an alarm system in their home. But even then, some more ambitious criminals might still break a window and give it a go. Do platforms and networks have issues with malicious activity? Yes, absolutely. And GeoEdge, RiskIQ, AdSecure or any others would not exist if that was not the case,” Taylor added. “If we refer to your quote from Amnon Siev, he admits himself “I’ve never tested their solution” so we don’t think this even deserves a response. What matters to us are the results that the partners get from AdSecure, and the hundreds of malvertising issues that we prevent on a daily basis. And all of the companies fighting this fight are good companies to have on the market.”
It’s unclear if other Adsterra domains are connecting to Master134; the 22.214.171.124 IP address connects to thousands of domains, including a litany of WordPress sites as well as several ad network platforms, and Adsterra owns and operates a significant number of domains. For example, MyIP.ms, an online database of websites and IP addresses, shows more than 400 domains owned by Ad Market Limited, the corporate name of Adsterra.