Landis+Gyr halves costs by moving Oracle workloads to Google Cloud
Landis+Gyr has optimised its total cost of ownership and operational scalability by migrating critical Oracle workloads to Google Cloud Platform using Tessell's Database-as-a-Service solution.
Operating in over 30 countries, Landis+Gyr manages millions of smart meters for utility customers, aiming to support grid performance and energy efficiency. As global energy demand and the need for real-time energy grid intelligence increase, the company identified a requirement to shift from legacy on-premises systems to a more scalable, cloud-native infrastructure.
The migration process involved moving complex Oracle workloads - most notably the Oracle Head End System (HES) and Meter Data Management (MDM) applications - previously running on a Windows platform. The legacy environment introduced high licensing expenses, performance limitations, and restricted scalability, prompting the need for change.
Tessell and GCP
Landis+Gyr collaborated with Tessell to execute a cross-platform migration from Windows to Linux in conjunction with adopting Google Cloud's infrastructure. Tessell's platform enabled a transition that the company states achieved real-time data ingestion with sub-second latency, over 99.99% application availability, a 50% reduction in infrastructure costs, and a 60% increase in labour efficiency for database administrators. Compliance with data residency requirements across global regions was also highlighted. "Tessell's ability to execute complex Oracle migrations with precision allowed us to unlock significant operational and financial value," said Martti Kontula, Head of OT & Data at Landis+Gyr. "Our smart metering applications now run with greater agility, enabling us to deliver better insights and services to our customers while setting the foundation for long-term growth."
The project included a proof-of-concept phase on Google Cloud, which demonstrated that moving to a Linux-based system met the company's performance benchmarks. This encompassed the demands of real-time smart meter data ingestion and the required levels of system uptime and throughput at scale.
Operational impact
Landis+Gyr reports several outcomes resulting from the migration. Scalability has been enhanced through Google Cloud's elastic infrastructure, allowing for the ingestion and processing of data from millions of deployed smart meters and maintaining responsiveness during peak usage.
The company has also experienced a reduction in licensing and support costs by shifting from Windows to Linux, and a decrease in maintenance overheads. Automation of essential operations such as patching, updates, and lifecycle management has enabled internal personnel to dedicate more time to innovation and analytics.
Landis+Gyr stated that it is on schedule to retire its legacy data centres, and is adopting a cloud-first approach across its operations.
Enhancing resilience
Looking ahead, Landis+Gyr plans to extend its partnership with Tessell to improve high availability and disaster recovery capabilities. This includes deploying a multi-zone, multi-region high availability architecture on Google Cloud, automating cross-region disaster recovery with minimal data loss, and engaging in business continuity planning in line with industry standards. "With Tessell's robust cloud platform and GCP's global scale, Landis+Gyr is well-positioned to meet the rising demands of the energy sector while supporting its mission of creating a more sustainable and intelligent energy future," said Bakul Banthia, Co-Founder of Tessell.
Landis+Gyr continues to focus on improving its cloud infrastructure to respond to the evolving requirements of energy utilities and the broader market.
Follow us on:
Share on:
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Scoop
2 days ago
- Scoop
MakeDongle 2 - USB Dongle Protection For MacOS, Windows And Linux
Excel Software announced MakeDongle 2.0 for macOS or Windows. MakeDongle generates a secure USB dongle from a flash drive. The dongle grants a license to run protected software on all modern versions of Mac, Windows or Linux OS. MakeDongle complements a diverse suite of protection and licensing tools from Excel Software. Protected software can be stored on the computer or dongle itself. On application launch, the dongle is validated before the software is allowed to run. Each dongle can be generated in seconds. When building dongles, MakeDongle can copy multiple licenses, applications or installers to the USB flash drive. MakeDongle can be used standalone or with the QuickLicense, AppProtect or DocProtect products. It also works with licensing plugins for FileMaker and Xojo. To use MakeDongle alone, several coding interfaces are supported with sample code provided for popular programming languages. MakeDongle works with QuickLicense. QuickLicense supports many license types including Trial, Product, Try/Buy and Subscription. Software is protected by adding API programming commands or by using the AddLicense wrapping tool without programming. AddLicense is a popular choice for runtime environments like MAX, Adobe Air or Unity since application code and resources can be securely embedded within the EXE or APP file. Protected software can immediately launch when the appropriate dongle is present or optionally require a manual or online activation process. MakeDongle and QuickLicense give developers many options for software and hardware protection. Excel spreadsheets can be protected using QuickLicense and OfficeProtect to produce an EXE for Windows or APP for Mac. This protection can be combined with a USB dongle to allow the App to run. The application and encrypted data files can be stored on the dongle making them easily portable between computers. MakeDongle works with QuickLicenseRT Linux. QuickLicense and MakeDongle run on a Mac or Windows computer to produce a dongle and license files. The protected software run on a Linux computer with the dongle installed in any free USB port. MakeDongle works with DocProtect on Mac, Windows or Linux. DocProtect wraps PDF, Video, Image slide shows or HTML files into a Mac or Windows application. The protected document can be used on any computer when the dongle is present. MakeDongle, DocProtect and QuickLicense can be combined to support other license types and features. MakeDongle can be used with AppProtect to wrap Mac or Windows software into a protected application that only runs if the dongle is present. Dongle secured installers can be created using MakeDongle plus ClickInstall on Mac or Windows. The installer only runs if the dongle is present and can be distributed on the dongle itself. MakeDongle 2.0 is $495 for a Single User License on Mac or Windows. Produce unlimited dongles for any number of products. The product includes royalty-free distribution rights for protected software. MakeDongle Mac is a Universal (Intel & Apple Silicon) App that runs on macOS 10.14 or later. MakeDongle Windows runs on Windows 10 or 11. Visit the company web site for demonstration videos and product information.
Techday NZ
2 days ago
- Techday NZ
ReliaQuest report exposes rise of social engineering cyber threats
ReliaQuest has released its latest quarterly report, outlining identified trends in cyber attacker techniques, malware use, and ransomware group activity observed between March and May 2025 across its customer base. ClickFix and social engineering tactics One of the most notable trends identified in the report is the widespread use of ClickFix, a social engineering method that misleads users into pasting malicious commands into tools such as PowerShell or the Windows Run prompt. Attackers disguise these actions as solutions to false issues, such as fake CAPTCHAs or Windows updates, enabling them to circumvent defences and introduce malware with comparative ease. This approach has facilitated the increased use of malware families such as Lumma and SectopRAT, both of which utilise trusted tools like MSHTA to deliver malicious payloads. The report notes that social engineering has significantly contributed to the rise of these attack vectors, stating, "Social engineering played a pivotal role in the success of these top tactics." Lateral movement and initial access trends Phishing-based techniques accounted for over half of observed initial access incidents among customers, while drive-by compromise incidents rose by 10% compared to the previous period. The report sees a shift, as attackers increasingly rely on user manipulation rather than exploiting technical vulnerabilities. ReliaQuest's analysis highlights the prominence of remote desktop protocol (RDP) over internal spear phishing as a method of lateral movement within networks. This shift is closely associated with attackers impersonating IT helpdesks to persuade users to install RDP tools. The report finds, "The shift away from tactics like internal spearphishing suggests attackers are favouring techniques that require less user interaction and offer more direct access to internal systems." Additionally, drive-by downloads powered by campaigns such as ClickFix and widely available phishing kits continue to lower the threshold for cybercriminal activity. External remote resources dropped from third to fourth place among initial access vectors, further illustrating the focus on exploiting human factors. MSHTA on the rise for defence evasion MSHTA (Microsoft HTML Application Host), a native Windows binary, was reported to be involved in 33% of defence evasion incidents during the period, up from just 3.1% the previous year. Attackers use this legitimate tool to bypass conventional security tools by convincing users to execute malicious commands themselves, often delivered through social engineering campaigns such as ClearFake. "ClearFake's early adoption of ClickFix techniques propelled MSHTA from 16th to second place among defence evasion tactics. Recently, other ClickFix adopters have fuelled MSHTA's current surge, leveraging broader social engineering tactics to bypass defences more effectively," the report details. Changes in ransomware operations The report notes significant changes among ransomware groups, with the closure of "RansomHub" leading many affiliates to migrate to other groups, notably Qilin, which saw a 148% increase in activity. Play and Safepay also reported increased activity of 116% and 266%, respectively. The number of active ransomware groups has dropped by nearly 30%, but newer or established ransomware-as-a-service (RaaS) platforms have absorbed most of these affiliates, raising concerns over increasingly professionalised threats. "With major ransomware groups like RansomHub gone, RaaS operators are vying to capitalise on the influx of affiliates searching for new platforms. To attract this talent, we'll likely see RaaS platforms introduce innovative capabilities or revise profit-sharing models. This competition is expected to create a more fragmented yet increasingly sophisticated ransomware ecosystem, posing even greater challenges for defenders." Impact on industry sectors The construction industry was the only sector to see an increase in ransomware attack victims, rising by 15%. ReliaQuest attributes this to opportunistic targeting as attackers seek out industries with perceived weaker defences. The report notes, "Construction organisations may feel compelled to pay ransoms quickly to avoid costly downtime and operational delays, making them attractive targets." By contrast, the retail sector saw a 62% decrease in victims, attributed to a drop in activity from the "CL0P" ransomware Cleo campaign. Malware trends and threat actor activity The period saw increased activity by the SectopRAT malware, delivered via ClickFix and malvertising campaigns. Despite infrastructure takedowns in May 2025, Lumma infostealer operations continue, with new logs advertised on cybercriminal forums and marketplaces. "Although Lumma's activity is likely to decline over the coming months as the impact of the takedown continues to unfold, it's likely the group could regain traction over time. As attention around the takedown diminishes, attackers may return to this familiar and well-established tool," the report comments. Emergence of Scattered Spider Scattered Spider, after a five-month hiatus, returned in April 2025 with attacks on UK retail organisations. The group is identified for using detailed social engineering against high-value individuals such as CFOs and utilising both on-premises methods and cloud techniques for stealth and control. "Scattered Spider's success lies in its ability to combine social engineering precision, persistence in cloud environments, and on-premises technical expertise. These TTPs allow the group to achieve initial access, maintain control, and operate stealthily, making it difficult for organizations to detect and remediate the group's activity in the early stages of an attack." Recommendations and defensive measures ReliaQuest's report makes several recommendations for organisations, including disabling Windows Run for non-administrative users, enforcing control over RDP tool installations, implementing web filtering, and prioritising user training against social engineering. Additional measures include strengthening identity verification, enabling advanced monitoring, and conducting regular risk assessments, particularly for privileged user accounts. Looking ahead, the report anticipates broader adoption of ClickFix among ransomware affiliates, increased sophistication by groups such as Scattered Spider, and the continued rise of infostealer malware like Acreed. The report concludes by emphasising the need for proactive investment in advanced detection, user education, and securing of both cloud and traditional infrastructure to counter an upward trend in attack complexity and evasion tactics.
Techday NZ
2 days ago
- Techday NZ
Poor cloud security leaves secrets & data at risk, report finds
A new report from Tenable Research has detailed the ongoing risks facing organisations due to poor cloud security practices and widespread misconfigurations. The 2025 Cloud Security Risk Report analyses data from global cloud systems spanning October 2024 to March 2025. It highlights significant vulnerabilities related to data exposure, identity management, cloud workloads, and the use of artificial intelligence resources. The findings indicate that sensitive information and credentials remain at risk due to inconsistent security implementations across major public cloud providers. Exposure of sensitive data According to Tenable Research, 9% of publicly accessible cloud storage contains sensitive data, and 97% of this content is classified as restricted or confidential. These circumstances increase the risk of exploitation, particularly when misconfigurations or embedded secrets are also present. The report notes that cloud environments are subject to significantly heightened risk from exposed data, misconfigured access, and the insecure storage of secrets such as passwords, API keys, and other credentials. These issues are compounded by underlying vulnerabilities and inconsistent security practices across organisations using public cloud providers like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. Secrets and workload security The assessment documented that over half of organisations (54%) store at least one secret directly within AWS Elastic Container Service (ECS) task definitions, creating a direct attack path for threat actors. On GCP Cloud Run, similar patterns were observed, with 52% of organisations found to be storing secrets within resources, and 31% on Microsoft Azure Logic Apps workflows. Furthermore, 3.5% of all AWS Elastic Compute Cloud (EC2) instances were identified as containing secrets within user data. AWS EC2's broad adoption means this level of exposure represents a substantial risk across the industry. The report points to some improvement in cloud workload security: the prevalence of the so-called "toxic cloud trilogy"-a situation in which a workload is publicly exposed, critically vulnerable, and endowed with high privilege-has decreased from 38% to 29%. However, Tenable researchers note that this combination continues to represent a significant risk for businesses. Issues in identity and access management One significant finding relates to the use of Identity Providers (IdPs). The research indicates that 83% of AWS organisations employ IdP services to manage cloud identities, which is regarded as best practice. Despite this, risks persist due to permissive default settings, excessive entitlements, and lingering standing permissions that give rise to identity-based threats. "Despite the security incidents we have witnessed over the past few years, organizations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations," said Ari Eitan, Director of Cloud Security Research, Tenable. The report suggests that attackers are often able to find entry points with relative ease, exploiting public access, extracting embedded secrets, or misusing over-privileged identities. Recommendations and risk management "The path for attackers is often simple: exploit public access, steal embedded secrets or abuse overprivileged identities. To close these gaps, security teams need full visibility across their environments and the ability to prioritize and automate remediation before threats escalate. The cloud demands continuous, proactive risk management, and not reactive patchwork," added Eitan. Tenable's analysis is based on telemetry collected from a diverse array of public cloud and enterprise environments and provides detailed insight into the cloud security challenges currently faced by businesses. The report offers practical recommendations to help security professionals reduce risks, mitigate vulnerabilities, and address gaps before they can be exploited. The findings underline the necessity for organisations to adopt unified cloud exposure management, increase visibility across their cloud assets, and take a systematic approach to automation and remediation of security risks, particularly as cloud adoption and reliance on AI-driven resources continue to rise.
