The WannaCry ransomware incident had an impact on 150 countries. Anyone impacted was left with one gnawing question: Was there anything we could have done to avoid this? Could our IT department have done something differently? Was there someone who saw this coming and knew how to avoid it?
But really, unless you actually wrote the program, there was little you could have done.
But is that true?
You theoretically could have hired white-hat consultants (you know, those “good guy” hackers) who might have been able to recognize your vulnerabilities. You then could have paid a lot of money to have repetitive penetration testing completed on your systems. These consultants could possibly have been able to detect the WannaCry problem before it hit, then your own IT team could have begun a patch on all your systems. After all, how many computers does one company actually have? It certainly can’t be that hard.
But wait a minute…that’s every single workstation and every single server. Now let’s add to this…it needs to happen over the course of a weekend. Yes, IT IS that hard.
Option two is to have the responsibility placed onto someone else…where it makes more sense. Here’s where Microsoft and the Cloud come in. This is never about finding a place for the blame; it is about making sure you have assigned an important job to the correct party. You are, quite simply, in the business doing business…not IT. You should not be expecting your internal IT team to have the technology, know-how, or resources to protect your organization completely. You should rely on people whose job is IT in order to prevent and/or manage breaches.
Governments, agencies, and other organizations already in the cloud have discovered an unexpected benefit: with patching SaaS (software-as-a-service like Office 365) and PaaS (Platform-as-a-service like Dynamics 365, this is no longer their problem. With the SLA (service level agreement), Microsoft delivers an assurance that their solutions will be available and operational, with specifically defined downtime and security. If there is an issue, it’s Microsoft’s responsibility to handle it. Additionally, when ransomware or other attacks do occur, Microsoft provides a dedicated team of professionals and the necessary technology to ensure that patches are utilized, often prior to the general public becoming aware of the issue.
Now, what happens if you don’t have Dynamics 365 or Office 365? What occurs with an older version? Even if this is the case, you are hosting your organization’s solution in IaaS (Infrastructure-as-a-service), which means host controllers in the data center have the ability to keep an eye on situations for you. However, you’re not entirely in the clear. Since you are running a VM (virtual machine), this operates within a Windows operating system. Microsoft cannot manage or monitor that for you—or notify you if a problems occurs. This is why you need a strong, qualified partner with the ability to run your Cloud infrastructure within a Managed Cloud Service. In the hands of the experts, guarded against cyber-attacks, is where it should be so you can go about the business of running your organization.
In brief…
- Though we cannot eliminate every hacker and we know we will eventually deal with a data threat or breach, we can be prepared if we trust the task to the experts.
- Microsoft has invested heavily into their data centers. You can count on the fact that they will be there, fixing problems quickly and efficiently. If an issue gets past them, they know that they have thousands of customers relying on them to get it fixed fast.
- If you are an IaaS customer in the cloud, a strong partner will assure that everything is up to date and they will be watching out for hacks. They should have all the resources necessary to “follow the sun” and protect your organization around the clock.
Organizations in both the private and public sectors are reaping the benefits of moving to the Cloud:
If your company is concerned because of this attack, get out of the IT business and move to the Cloud. . We can assist you by building and executing a plan that will guarantee a smooth transition and a safer place your organization and your customers.
Microsoft has a number of solutions to address situations exactly like this. The most common scenario for Microsoft is the Office365 product. Office365 offers a storage solution in the form of SharePoint Online as well as OneDrive. Both solutions leverage a document storage system that is Cloud based, and does not operate on a traditional file share technology. Said differently, all access to documents stored in these systems requires the usage of either the Office365 portal or API (Application Programming Interface) access done by an authorized developer (built into Excel, Word, Powerpoint, OneDrive Sync for Business, or third party software products – but will still require you to enter your credentials for them to operate).
In both cases, the Office365 security center is monitoring all access thru both the Portal and the API to prevent these types of scenarios. Office365 Security Center will even send you (or your IT department) alerts if there is an attempted hack or break in attack. In the event of a severe issue, the Security Center will even go into lock down and stop access until the thread has been neutralized. So, even if your company issues laptops that are compromised, your content in the Cloud cannot be infected. In the event that somehow something does manage to get through all of those layers of security, Microsoft maintains a strict backup and retention policy, and can recover data that has been offloaded (there are fees for this type of service obviously, but the point is they can still get it back for you).
There are many other non-office style solutions for file management in Azure as well, but those get very developer and Cloud technical quickly. There are a number of 3rd party solutions for file sharing and distribution that are also available, but the terms and conditions of those software products ultimately bear the brunt of the “security” where as Azure becomes a hosting platform at that point.
I hope that this answers some of your questions, and would be happy to clarify if any points were missed!
Hi,
I'm curious about this as I use another cloud services in the UK provided by Currys PC World (Knowhow Cloud). We actually lost all the data stored on the cloud after a ransomware attack on a single PC, as the virus was able to access and encrypt every file on the cloud.
Currys were unable to recover them in bulk and advise that we could restore each file to a backed up version, but had to do this manually through their web interface, one file at a time.
Given that we had over 200,000 files stored on their Knowhow Cloud servers and that the manual process takes at least a minute per file, realistically we can never recover the data.
Are you saying that the Microsoft cloud offers improved security?
I would be interested to know your feeling on whether Curry PC World's cloud is offering sufficient protection to their customers having read your article!
many thanks,
Richard