

Microsoft Office 365: Threat Intelligence and Data Governance Tools

There is a lot that’s new about Microsoft’s Office 365 cloud version of its traditional desktop software. Some of the biggest new benefits have to do with two major pillars of an enterprise strategy: first, identifying and mitigating threats in a network, and second, establishing policies and procedures for data governance. Threat intelligence and data governance tools are significant to our work process in Microsoft Office 365.

 

Why do companies need good data governance and threat intelligence systems in place?

Many experts point to studies by Ponemon, one of which estimates the average cost of a data breach at around $4 million. An April article by writer Michael Panciroli also cites some troubling statistics, for example an assertion that 45% of surveyed companies don’t have good enough data governance to protect them from serious legal and security risks.

That kind of gap is what these new cloud features of Office 365 are meant to address — to help client companies to get more effective cybersecurity in place, perform better advanced data governance, and know more about their business data assets.

Major Benefits of Microsoft Office 365 Threat Intelligence

There is a ton of functionality built into Microsoft Office 365 Threat Intelligence that’s related to foiling hackers, conquering malware, and generally keeping a network safe and clean.

One essential element is the Microsoft Intelligent Security Graph — this new feature of Microsoft’s cloud security platform does two major things. One is that it’s a comprehensive data aggregation center that takes in diverse input from hundreds of different sources, along with many of the 350 billion authentications that Microsoft manages each month. The other is that it utilizes machine learning components to increase its threat mitigation power even more. (See more detail on the strengths of Microsoft’s Intelligent Security Graph from Microsoft Vice President of Enterprise Client & Mobility Brad Anderson in this testimonial video.)

In other words, part of the strength of Microsoft Office 365 Threat Intelligence tools is the amount of raw data available to a machine learning system that can work with it and make it into actionable results — for instance, offering real-time tools and alerts, isolating and dealing with content that looks suspicious, and integrating with other security information and event management tools.

Aside from the Intelligent Security Graph, the Office 365 platform also now offers a new Advanced Threat Protection (ATP) reporting interface with all sorts of dashboard views related to network activity. The ability to extend this to desktop clients, and to reach into areas of an enterprise network, is very useful to business leaders who need to keep an eagle eye out for warning signs of inappropriate activity. Maybe it’s a logon from a suspicious location, or activity by an employee who hasn’t been on staff for years. Another major red flag is a significant volume of file deletions, which is another real-time indicator that Microsoft Office 365 Threat Intelligence can analyze.

Relating Microsoft Office 365 Threat Intelligence to Advanced Data Governance

Businesses know that data governance is critically important. Many of them also understand how having access to raw data and tools to filter and refine that data adds to the threat intelligence that they benefit from in-house. But not every business understands how new Microsoft Office 365 tools can enhance data governance in concrete ways. For instance, cloud policy recommendations will help to define data that should be kept and stored in an archive, or data that can safely be discarded. That’s just one aspect of having a security and compliance portal that helps businesses to build and classify their data.

Along with having good data governance and threat intelligence software capabilities, CloudAlly’s Office 365 backup and recovery service is another important part of a fundamental cyber security system. By providing automated daily backups and the ability to restore or export data from any point in time, CloudAlly ensures ongoing business continuity in the event of data loss.

Latest Cyber Attack Reminds Users to Backup Their Cloud SaaS Apps


— How To Backup Google Apps & Drive —

The FBI reports that there are 4,000 cyber attacks per day—that’s almost four attacks per minute—and they’re becoming more prevalent. In 2015, there were only 1,000 attacks per day. That’s a 300% increase, and the latest global ransomware attack may have been one of the worst yet. Is your company considering how to back up Google Apps & Drive?

While it’s obvious from their regularity that the business world is no stranger to malicious viruses, malware, and more, in many cases even large organizations aren’t fully prepared to prevent an attack. That’s because, when 93% of phishing emails are now ransomware, it can be difficult to keep up with the criminals, particularly when your company’s safety is not in the hands of your knowledgeable IT department but in the hands of your everyday employees. If even one employee clicks on a link or downloads an attachment from a hacker, the data of your entire company could be compromised.

The key is understanding exactly what malware is and knowing whether all of your data, including Google Drive, is protected.

What Is Ransomware?

Ransomware is a type of malware that takes over a computer and prevents access to data until a ransom is paid. It works by encrypting files and forcing you to pay a fee if you want to decrypt them. Only the ransomware creator knows the encryption key, and if your company isn’t willing to pay up, the data is often deleted and lost forever.

In many cases, the ransom demand is made via new computer wallpaper, which details specific instructions for payment. Some past messages have read:

  • “Your computer was used to visit illegal content. To unlock your computer, you must pay a $100 fine.”
  • “You only have 96 hours to submit the payment. If you do not send money within the provided time, all of your files will be permanently encrypted, and no one will be able to recover them.”

Payment demands can be up to $500 USD, with the price doubling if funds are not paid within a specified time—usually 24 hours.

The most recent iterations of ransomware have targeted enterprise end users who may not think they are “valuable” or “high-profile” enough to be the victim of an attack. The reality is that anyone can be a victim, which was more than proven in the most recent widespread attack.

Recent Ransomware Attack

“Petya” might not sound like a dangerous word, but it’s the name for a vicious ransomware attack that crippled organizations all over Europe and the US in June 2017. It began in Ukraine and quickly spread around the world, crippling big institutions such as WPP, Mondelez (a food company), DLA Piper (a legal firm), Maersk (a Danish shipping and transport company), and Merck (a large U.S. pharmaceutical company). The attack locked thousands of employees out of their computers until the ransom was paid.

Large organizations were particularly vulnerable to Petya because it only took one machine becoming infected for the ransomware to spread throughout the entire network. However, that doesn’t mean small companies weren’t at risk, too. Any machine connected to the Internet—nearly everyone—is susceptible.

And “Petya” is only the most recent attack. Just two months previously, the WannaCry or WannaCrypt ransomware attack hit more than 150 countries, 230,000 computers, and hundreds of companies including Telefónica, German State Railways, and Britain’s National Health Service (NHS).

In both attacks, the ransomware spread rapidly using Microsoft Windows as its venue to move throughout each network.

In the case of WannaCry, the ransomware found a vulnerability in Windows that could have been fixed with a software patch, but many companies were using an outdated version. Worse yet, WannaCry didn’t require humans to spread. Once it was unleashed, it had the ability to move around the network by itself.  WannaCry was able to hunt down vulnerable machines and infect them, too. It spread like a virus, searching out weaknesses and exploiting them.

Petya worked similarly.

The Petya attack began through a software update mechanism built into a regularly used accounting program. Then, a second wave of infections was released using a phishing campaign with malware-laden attachments. However, unlike WannaCry, which tried to spread both internally and externally, Petya focused solely on internal networks, which limited its range of damage.

“I’m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware,” Nicholas Weaver, a security researcher at the International Computer Science Institute, told Krebs on Security. “The best way to put it is that Petya’s payment infrastructure is a fecal theater.”

Still, in both cases, the outbreaks were devastating for the companies affected and were difficult to corral once unleashed. And security experts warn that Petya and other ransomware strains will continue to proliferate.

So, how do you protect your company?

Preventing Ransomware Attacks

The best way to prevent a ransomware attack is to be prepared for one. There’s no way to 100% stop ransomware, since it comes down to user error and appropriate training, but there are a few things you can do to negate the effects of a ransomware attack. The first step is to review your company’s security settings along with your software habits to reduce your chance of becoming a victim.

The most important protection: regularly back up Google and all of your SaaS data. The advantage of cloud storage is that it automatically backs up your data in a secure and remote location, so even if your business becomes compromised your data stays protected.

A common misconception when it comes to SaaS data in the cloud is that it’s backed up and protected. This is not the case—Google backup does not exist and Office 365 backup is limited.

Google Drive automatic backup only happens if you use third-party software, like CloudAlly, to protect yourself. This means that if you’re infected with ransomware, all of the files, spreadsheets, and private information that you put in the cloud to keep it “safe” could be at risk of attack.

And an external backup drive is not sufficient. A hard drive backup that is connected to your computer can be compromised during a malware attack.

Using CloudAlly, you can automatically back up Google Drive every single day, including your Mail, Drive, Classic Sites, Calendar, Contacts and Tasks. This simple step can reduce your risk of losing everything if a hacker takes your system hostage. When you have a backup, you can ignore the request for ransom and have your IT department remove the malware without any data loss worries.

Then, once your system is clean again, CloudAlly offers a simple non-destructive restore process, allowing you to recover your data in its entirety with point-in-time recovery.

“If you administer your company’s cloud accounts and need a simple to use but sophisticated backup solution, CloudAlly is all you need.” — Gareth Griffiths, NRH


A Practical Guide to Ensure Your Data is Secure in the Cloud for Cloud Backup Solutions

As more and more businesses turn to the cloud, it is vital to protect the data that is stored in the cloud. Furthermore, the transactions need to be secure and safe to ensure that the cloud-based services run smoothly and securely.

The vastly expanding mobile device ecosystem is spearheading cloud computing. Businesses of all sizes, from start-ups to SMEs to Fortune 500 companies, have started leveraging the significant advantage of the cloud to roll out more services across all areas to strengthen their businesses, especially when working with cloud-to-cloud backup solutions.

In fact, the cloud has proved to become a must-have and not only a nice-to-have for businesses to excel. But how secure is the cloud and its access? How safe is the data stored and managed? These questions still prevail and this article will present a few factors to ensure your business or data is secure in the cloud.

Cloud Whereabouts

During the time of mainframes, a huge amount of data was stored in centralized computer systems that were small enough to be placed in a single location.

However, at the moment, the data exist virtually somewhere in a corner of the world without even the user knowing where it is stored. How secure is the physical location and what sort of environmental, fire and safety measures are ensured by the cloud storage provider to keep it safe?

These things are rarely thought about as more and more businesses want to establish quickly and reach out to the market. Knowing the physical location of your data and how it is secured is an important factor to consider before moving to the cloud.

Secure Protocol

In business and financial apps, the volume of transactions becomes a prime concern. Managing such a volume has to address two things: firstly, the real-time processing of the transactions and secondly, the transaction has to be secure and free from any kind of hacker attacks.

While this may seem of little interest to the cloud-based entertainment businesses, it is the prime concern for financial companies fearing to move to the cloud.

Statistics from the Ponemon Institute report indicate that around 43% of companies experienced threats which originate from attacks on the data that is stored in the cloud.

The cloud provider has to ensure the use of secure protocols, such as SSL, IPsec, HTTPS or any other applicable protocol, for safer transactions and storage of the data. There are many public and private cloud providers claiming to provide a secure infrastructure, but most of these break down when the transactions reach high volumes. The providers need to be thoroughly verified for the use of the protocols and the volume of data that is being managed by their cloud infrastructure.

Strong Access Policies

There are many layers of security that have to be built when dealing with the cloud infrastructure. The first level of security has to originate from the user who accesses the cloud data on a daily basis. Almost 60% of the data that has been compromised originates from the employees who access the cloud data, according to the Data Breach Industry Forecast.

Strong access policies and privileges have to be set while migrating your business to the cloud. Passwords also have to be strong enough and the level of access needs to be defined. They have to be administered by strict security policies and should be changed periodically to protect the access to the data stored in the cloud. This can be combined with a multi-way authentication of the

Adopt and Control Bring Your Own Device

As cloud-based apps mostly cater to the mobile ecosystem, it is difficult to control the device that the user will use to access his or her data stored in the cloud. This becomes a perennial challenge, since new devices are being rolled out every day by device manufacturers. Companies adopting Bring Your Own Device (BYOD) pose a greater risk in the cloud-based work environment. This is because the IT policies are difficult to set on these devices, especially when they are new.

However, it is equally important to adopt these devices because discouraging them will hamper the cloud-based services. Security policies have to be evolved to ensure that the cloud protection measures are taken care of while adopting the BYOD for any organizations doing business in the cloud.

Encrypt the Data When Dealing with Cloud-to-Cloud Backup Solutions

While this may make things a little slower and make the cloud more expensive, encrypting the data is one of the secure ways to protect your data in the cloud. With public and private key mechanisms, the data in the cloud can be kept secure, and even if there is a compromise in the cloud, the data are rendered useless to the attacker.

This would still not completely protect the data from physical and environmental threats, but the data remain in safe hands with the encryption keys only known to the user who uses them.

As said before, cloud security needs to be built in layers, right from the system to the user and in every one of the network nodes that sit between the user and the physical cloud.

Test Your Cloud Thoroughly

While clouds seem to be secure for smaller volumes of data, vulnerability creeps in once the data grow and the volume increases tremendously.

Hardware and performance limits can pose serious threats to security and availability. So the cloud needs to be planned in a scalable manner, with security aspects built in.

Test your cloud in a defined and random manner to ensure it does not break down or become vulnerable to attacks as it grows in size. Testing for man-in-the-middle attacks, stress testing, and penetration testing will help evaluate the cloud’s security before it is put to use.

Adopt the Right Access Tools

A right key is a solution to the right lock. Similarly, the use of the right tool is the safest way to keep your data secure.

The use of VPN-based access and setting up host-based intrusion prevention systems are important to have a secure cloud environment. Furthermore, this can be administered by firewall policies to allow the apps that are intended to use the cloud environment. This will prevent unwanted access to the data that is managed by the cloud.

Get a Cloud-to-Cloud Backup Solution

You may be assured by your cloud provider that your data will never be compromised or lost. However, can you leave your businesses dependent on someone else?

Also, it is not just about data loss opportunities. Even a single downtime for a couple of minutes can break your business, especially if your business deals with a huge amount of data.

You may remember Google Drive went down the first week of October this year. This means you can face downtime even with the biggies like Google. So, an inevitable solution for this is a cloud-to-cloud backup solution.

You should get your online data backed up daily and automatically to different cloud storage. This will ensure that, even if you experience data corruption or theft with your online data such as Office 365 or Google Apps for Work, you can still recover it, because your data are already backed up to separate cloud storage such as Amazon Web Services.

This will thus ensure that you never have to be worried about data loss and that you can focus on your core business operations.

Data is very precious in the present day and securing it should be of prime importance to businesses running in the cloud. Thus, a secure cloud is a key to winning the confidence of your customers and a success in the cloud environment itself.