Posts

Canadian Privacy Act and PIPEDA

Canadian Privacy Act and PIPEDA

AWS Canadian Data Center for: Office 365, G Suite, and Box.com backup

Cloudlly is supporting cloud to cloud backups with a new Amazon AWS data centers in Canada.  Our Channel partners & customers in Canada are now able to use CloudAlly to protect leading clients  SaaS applications, while ensuring that all data remains within Canadian borders.

Our new AWS data center in Canada, is allowing for compliance with the Canadian Privacy Act and PIPEDA.

We make backup simple and your data safe.

Office 365: Threat Intelligence and Data Governance Tools

Microsoft Office 365: Threat Intelligence and Data Governance Tools

Threat Intelligence and Data Governance ToolsThere is a lot that’s new about Microsoft’s Office 365 cloud version of its traditional desktop software. Some of the biggest new benefits have to do with two major pillars of an enterprise strategy: first, identifying and mitigating threats in a network, and second, establishing policies and procedures for data governance. Threat Intelligence and Data Governance Tools, are significant to our work process in Microsoft Office 365.

 

Why do companies need good data governance and threat intelligence systems in place?

Lots of experts are looking at studies by Ponemon, one of which estimates the average cost of a data breach at around $4 million — there is also this article from writer Michael Panciroli in April that sites some troubling statistics, for example, an assertion that 45% of surveyed companies don’t have good enough data governance to protect them from serious legal and security risks.

That kind of gap is what these new cloud features of Office 365 are meant to address — to help client companies to get more effective cybersecurity in place, perform better advanced data governance, and know more about their business data assets.

Major Benefits of Microsoft Office 365 Threat Intelligence

There is a ton of functionality built into Microsoft Office 365 Threat Intelligence that’s related to foiling hackers, conquering malware, and generally keeping a network safe and clean.

One essential element is the Microsoft Intelligent Security Graph — this new feature of Microsoft’s cloud security platform does two major things. One is that it’s a comprehensive data aggregation center that takes in diverse input from hundreds of different sources, along with many of the 350 billion authentications that Microsoft manages each month. The other is that it utilizes machine learning components to increase its threat mitigation power even more. (See more detail on the strengths of Microsoft’s Intelligent Security Graph from Microsoft Vice President of Enterprise Client & Mobility Brad Anderson in this testimonial video.)

In other words, part of the strength of Microsoft Office 365 Threat Intelligence tools is the amount of raw data available to a machine learning system that can work with it and make it into actionable results — for instance, offering real-time tools and alerts, isolating and dealing with content that looks suspicious, and integrating with other security information and event management tools.

Office 365 Backup

Aside from the Intelligent Security Graph, the Office 365 platform also now offers a new Advanced Threat Protection (ATP) reporting interface with all sorts of dashboard views related to network activity. The ability to extend this to desktop clients, and to infiltrate areas of an enterprise network, is very useful to business leaders who need to keep an eagle eye out for disturbing warning signs of inappropriate activity. Maybe it’s a logon from a suspicious location, or activity by an employee that hasn’t been on staff for years. Another major red flag is a significant volume of file deletions, which is another real-time indicator that Microsoft Office 365 Threat Intelligence can analyze.

Relating Microsoft Office 365 Threat Intelligence to Advanced Data Governance

Businesses know that data governance is critically important. Many of them also understand how having access to raw data and tools to filter and refine that data adds to the threat intelligence that they benefit from in-house. But not every business understands how new Microsoft Office 365 tools can enhance data governance in concrete ways. For instance, cloud policy recommendations will help to define data that should be kept and stored in an archive, or data that can safely be discarded. That’s just one aspect of having a security and compliance portal that helps businesses to build and classify their data.

Along with having good data governance and threat intelligence software capabilities, CloudAlly’s Office 365 backup and recovery service is another important part of a fundamental cyber security system. By providing automated daily backups and the ability to restore or export data from any point in time, CloudAlly ensures ongoing business continuity in the event of data loss.

Latest Cyber Attack Reminds Users to Backup Their Cloud SaaS Apps

— How To Backup Google Apps & Drive —

How To Backup Google Apps & DriveThe FBI reports that there are 4,000 cyber attacks per day—that’s almost four attacks per minute—and they’re becoming more prevalent. In 2015, there were only 1,000 attacks per day. That’s a 300% increase, and the latest global ransomware attack may have been one of the worst yet.  Is your company considering how To Backup Google Apps & Drive?

While it’s obvious from their regularity that the business world is no stranger to malicious viruses, malware, and more, in many cases even large organizations aren’t fully prepared to prevent an attack. That’s because, when 93% of phishing emails are now ransomware, it can be difficult to keep up with the criminals particularly when your company’s safety is not in the hands of your knowledgeable IT department but in the hands of your everyday employees. If even one employee clicks on a link or downloads an attachment from a hacker, the data of your entire company could be compromised.

The key is understanding exactly what malware is and knowing whether all of your data, including Google Drive, is protected.

What Is Ransomware?

Ransomware is a type of malware virus that takes over a computer and prevents access to data until a ransom is paid. It works by encrypting files and forcing you to pay a fee if you want to decrypt them. Only the ransomware creator knows the encryption key, and if your company isn’t willing to pay up, the data is often deleted and lost forever.

In many cases, the ransom demand is made via new computer wallpaper, which details specific instructions for payment. Some past messages have read:

  • “Your computer was used to visit illegal content. To unlock your computer, you must pay a $100 fine.”
  • “You only have 96 hours to submit the payment. If you do not send money within the provided time, all of your files will be permanently encrypted, and no one will be able to recover them.”

Payment demands can be up to $500 USD with the price doubling if funds are paid within a specified time—usually 24 hours.

The most recent iterations of ransomware have targeted enterprise end users who may not think they are “valuable” or “high-profile” enough to be the victim of an attack. The reality is that anyone can be a victim, which was more than proven in the most recent widespread attack.

Recent Ransomware Attack

Petya” might not sound like a dangerous word, but it’s the name for a vicious ransomware attack that crippled organizations all over Europe and the US in June 2017. It began in the Ukraine and quickly spread around the world, crippling big institutions such as WPP, Mondelez (a food company), DLA Piper (a legal firm), Maers (aDanish shipping and transport company), and Merck a large U.S. pharmaceutical company. The attack locked thousands of employees out of their computers until the ransom was paid.

Large organizations were particularly vulnerable to Petya because it only took one machine becoming infected for the ransomware to spread throughout the entire network. However, that doesn’t mean small companies weren’t at risk, too. Any machine connected to the Internet—nearly everyone—is susceptible.

And “Petya” is only the most recent attack. Just two months previously, the WannaCry or WannaCrypt ransomware attack hit more than 150 countries, 230,000 computers, and hundreds of companies including Telefónica, German State Railways, and the Britain’s National Health Service (NHS).

In both attacks, the ransomware spread rapidly using Microsoft Windows as its venue to move throughout each network.

In the case of WannaCry, the ransomware found a vulnerability in Windows that could have been fixed with a software patch, but many companies were using an outdated version. Worse yet, WannaCry didn’t require humans to spread. Once it was unleashed, it had the ability to move around the network by itself.  WannaCry was able to hunt down vulnerable machines and infect them, too. It spread like a virus, searching out weaknesses and exploiting them.

Petya worked similarly.

The Petya attack began through a software update mechanism built into a regularly used accounting program. Then, a second wave of infections was released using a phishing campaign with malware-laden attachments. However, unlike WannaCry, which tried to spread both internally and externally, Petya focused solely on internal networks, which limited its range of damage.

“I’m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware,” Nicholas Weaver, a security researcher at the International Computer Science Institute, told Krebs on Security. “The best way to put it is that Petya’s payment infrastructure is a fecal theater.”

Still, in both cases, the outbreaks were devastating for the companies affected and were difficult to coral once unleashed. And security experts warn that Petya and other ransomware strains will continue to proliferate.

So, how do you protect your company?

Preventing Ransomware Attacks

The best way to prevent a ransomware attack is to be prepared for one. There’s no way to 100% stop ransomware, since it’s up to user error and appropriate training, but there are a few things you can do to negate the affects of a ransomware attack. The first step is to review your company’s security settings along with your software habits to reduce your chance of becoming a victim.

The most important protection: regularly backup Google and all of your SaaS data. The advantage of cloud storage is that it automatically backs up your data in a secure and remote location, so even if your business becomes compromised your data stays protected.

A common misconception when it comes to SaaS data in the cloud is that it’s backed up and protected. This is not the case—Google backup does not exist and Office 365 backup is limited.

Google Drive automatic backup only happens if you use third-party software, like CloudAlly, to protect yourself. This means that if you’re infected with ransomware, all of the files, spreadsheets, and private information that you put in the cloud to keep it “safe” could be at risk of attack.

And an external backup drive is not sufficient. A hard drive backup that is connected to your computer can be compromised during a malware attack.

Using CloudAlly, you can auto backup Google drive every single day including your Mail, Drive, Classic Sites, Calendar, Contacts and Tasks. This simple step can reduce your risk of losing everything if a hacker takes your system hostage. When you have a backup, you can ignore the request for ransom and have your IT department remove the malware without any data loss worries.

Then, once your system is clean again, CloudAlly offers a simple non-destructive restore process, allowing you to recover your data in its entirety with point-in-time recovery.

“If you administer your company’s cloud accounts and need a simple to use but sophisticated backup solution, CloudAlly is all you need.” — Gareth Griffiths, NRH