There has been a lot of media coverage lately about large companies falling victim to cybercrime but did you know that an estimated 70% of cyber-attacks are specifically targeted towards small businesses? It’s time to not only get your defences in place but have a plan for if the worst happens.

Watch our webinar on a key aspect of your IT strategy – Backup & Disaster Recovery – the art of business continuity and getting things back up and running quickly after the worst happens.

Cyber Security Webinar:

  • Introduction (00:02 – 06:41)
  • Business Disaster Recovery & IT (06:41 – 16:44)
  • Avoiding a Disaster (16:44 – 23:06)
  • Planning for Disaster Recovery (23:06 – 35:09)
  • Questions (35:09 – 45:51)

Transcript

Introduction (00:02 – 06:41)

Michael (00:02):

Good morning, everyone.

Dan (00:03):

Good morning.

Michael (00:05):

Hello and welcome to our webinar in a series of webinars. Today, we’re looking at backup and disaster recovery, the art of business continuity. So what things we have to worry about and what do we need to think about to make sure that when disaster strikes the business is able to recover, continue operating, and then come back to something that could stop businesses dead in their track.

Michael (00:39):

Today on the webinar, we’ve got myself, Michael, and we’ve also got Dan from Netitude.

Dan (00:45):

Hi there, you alright?

Michael (00:46):

We’re going to be presenting this one together.

Michael (00:54):

One of the things that we will be looking at is ransomware attacks specifically, that’s lots of different types of disasters. This is a growing concern and it may even be at the point where we can call it a grand concern. It’s, it’s something that everybody needs to be aware of. And disaster recovery planning nowadays needs to go beyond fires and floods. If you keep up with the news, you will hear about Garmin.

Dan (01:25):

Yup. Yup.

Michael (01:27):

Five days offline.

Dan (01:31):

Effecting many people.

Michael (01:33):

Effecting even myself.

Dan (01:35):

Okay.

Michael (01:37):

Five days where I couldn’t post the runs in Strava. Blackboard a less well-known name, but some of the clients that serve; national trust, many universities, many charities it didn’t stop operations but still very damaging to reputation. And very famously several years ago, Wanna Cry, NHS, that’s probably one of the most well-known viruses out there and that did cause a huge amount of disruptions.

Dan (02:13):

Yeah. I remember reading about that.

Michael (02:16):

Cancelled appointments. So, even though they’re in a public sector you can quite easily see that for a business a huge disruption to the ability to deliver service.

Dan (02:30):

Yep. It’s going to affect reputation obviously as well. That’s very important with clients being able to deliver.

Michael (02:39):

It’s easy to calculate the cost of downtime during a disaster based on average wages.

Dan (02:47):

Yeah.

Michael (02:48):

Reputational damage contractual damage is it’s going to.

Dan (02:52):

Go a lot further.

Michael (02:53):

It’s going to go a lot further.

Michael (02:58):

One of the things we’ll be exploring is how in IT, we often talk about backups, but just because you have a backup, it does not mean you have a disaster recovery solution.

Dan (03:11):

Yeah.

Michael (03:13):

And you still have to think about the plan that sits on top of that to make it really work.

Dan (03:19):

And obviously also thinking about how to continue through things that are coming up as well at the same time.

Michael (03:27):

Absolutely. So, depending on the service or the type of technology you’re either recovering from disaster and unable to operate. Maybe some things you will be able to keep running whilst you’re down. Maybe it’s an approach rather than a technology solution. Maybe it’s telling stuff ahead of time that they just need to keep answering the phone and noting things down, to upload to the system later.

Dan (03:58):

So, communication during these times as well. It’s going to be important factors to think about.

Michael (04:02):

It’s very important. It’s definitely a key thing. Well, once you’ve done the planning you’ve got to tell people about it otherwise is not very valuable.

Michael (04:16):

So let us know once you’re in you can do that for you, the Q&A, if you hover your mouse near the bottom of the screen in the middle, we got some options pop up on the bottom right-hand corner Vaseline. At the moment, you can see that all speech bubbles in a, in a turquoise circle down there. If you click on those, you can send us questions through and we will be keeping an eye out and answering them as we go.

Dan (04:46):

Cool. Okay. And we also thought we would start with a warm-up question to ask everyone. So that is who is most at risk of a ransomware attack or who do you think, what industries, most of that risk will be revealing that the end as well.

Dan (05:04):

Okay. So yeah, I’m Dan I’ve been working in the tech industry for the last three years. I made the move from a development startup into IT a year ago, my background is based in client relations but always with an interest in technology, which focuses on efficiency, productivity, and automation.

Michael (05:23):

I’m Michael, I’ve been working on IT for the last nine years. I’ve done various roles, quite hands-on things, moved into account management and from there I’ve gone into the virtual it director role in Netitude. I spent a lot of time talking to businesses about IT and how to make it work for them and helping them to build or building IT strategies for them to go from it basics all the way up to modernizing systems, modernizing processes and Cloud migrations. For those who aren’t Netitude clients, we’re a managed service provider that complete IT department from help desk to project engineers to Virtual IT Directors we’re based in the Southwest. our focus is on making sure our clients achieve business growth for a solid IT strategy prior to the preached it.

Dan (06:20):

Mentioned before but please make sure that you add your questions in the Q&A section, and we will be addressing those as we go. So the main points that we are going to cover today is business disaster recovery, and IT, avoiding a disaster and planning for disaster recovery.

Business Disaster Recovery & IT (06:41 – 16:44)

Dan (06:43):

To start us off, when you think of the word disaster what springs to mind specifically?

Michael (06:49):

Straight away it’s fire it’s flood acts of God, hardware failure – that’s a common one in IT. Cyber breach, is a growing concern it’s probably not on everyone’s radar, as much as the other, the other ones I’ve mentioned there, but I go as far as saying that even something like a snow day could push a business into a disaster. If staff can’t get to the office, we’ve seen that with COVID recently.

Dan (07:20):

So obviously you know, with disasters, they’re going to lead to downtime. Why is downtime a major concern for us or any business for any business?

Michael (07:30):

For any business the first question you’re going to ask yourself is can I recover at all? If the answer is, yes, you’ve got a way to come back from one of these disasters, then the very next thing you’re going to be asking is how long will I be down for and what are the costs going to be? So we’ve used this quite simple cost calculator in the background based on the number of staff, the average annual salary and the profit you’d expect it to generate within those hours. That’s going to give a base cost, but just under 600 pounds and hour for businesses 30 people up here. But really that’s just the tip of the iceberg. I think if you’ve got contractual obligation the cost of downtime could be much steeper. Cost damaged reputation is really hard to put a number on and also just the effects on clients businesses relying on you rely on us. And they will also feel the impact if you’re unable to deliver your service during downtime.

Dan (08:44):

So how often does it happen? I mean, how cautious do we have to be?

Michael (08:50):

It can happen at any time, obviously, it’s incredibly unpredictable, but the fact is that any of these things can happen to anyone. It’s not necessarily worrying about how likely it is to happen is just accepting that of all of these things sooner or later it’s going to happen to someone and that someone might be you.

Dan (09:20):

So it’s just about making sure there is a plan in place because it could happen. You don’t know when and is happening constantly to lots of people, as we mentioned earlier on the news with Garmin and especially with the current climate things have picked up in terms of ransomware.

Michael (09:40):

Exactly. So I can split them into some categories. Some disasters are avoidable. Hardware failure from an ageing server, if you’re working with an MSP that should be on your radar, it shouldn’t be that you know your server accidentally falling over. Isn’t the sort of disaster that you should be coming up against normally.

Michael (10:03):

Fire and flood. Everybody is at risk, especially in a shared building. If you’re running manufacturing, there are so many things that can go into that. Out of all the scenarios the one we’re going to focus on most today, however, is cyber-attack. As I mentioned it has been a growing concern. I think now we’re reaching the point where it’s a fully grown concern. We talked about Garmin, they recently had famously front-page news, five to six days of downtime, unable to provide a service to clients due to a ransomware attack. One of the reasons that this is growing is because as companies get more cyber insurance, they include ransomware payout’s in the insurance, the people that do these attacks then see that is more likely for them to be easily able to get a payout,

Dan (11:00):

Right, okay.

Michael (11:00):

Which unfortunately increases their desire or their, their interest in carrying out these sorts of attacks.

Dan (11:09):

Got you, OK.

Michael (11:12):

We’ve got some stat stuff here just to say that this sort of thing, everybody is a target.

Dan (11:18):

Yeah.

Michael (11:19):

Some people get the news, not everybody does, but everybody is a target. It’s almost automatic. The process for selecting people. It affects SMBs almost as much or half of the time, the same as larger enterprises. And one reason to focus on this ransomware attack, if you’re not aware of what that means, you get competed virus, it locks all of your files and it will display a ransom note which will say if he wants to get back into your files or use your service, send us this amount of money by some mechanism.

Dan (11:58):

Which is exactly what happened to Garmin and rumour has it they actually did end up paying out. So there’s the cost of recovery as well as possibly having to actually pay people as well.

Michael (12:12):

Absolutely. Lots of the other scenarios such as fire and flood is, you know, it’s difficult to deal with, but as a timeline that it’s about recovering hardware, we’re covering services bit different to being locked out from your systems, from your data and someone else holding the key.

Michael (12:31):

We’ve touched these three already, actually in the news. And one of the things we’ve seen is if you’re a larger company enterprise-level it’s kind of a national brand name, you may well hit the news if that happens to you. Just because smaller companies aren’t on the news, that doesn’t mean it isn’t happening. See cyber breaches in those it’s not as widely reported but for sure your clients, your suppliers, you yourself, are going to notice this is happening. So I think where it’s happening to smaller companies it is news within your stakeholders.

Dan (13:19):

Yeah. Okay. So, why do we hear about backup disaster recovery and business continuity together? I mean, are they just the same thing or are they different?

Michael (13:38):

Really very related but they are different. We do have to think about different things. When we’re talking about this, we’ll run through quickly where we see the difference between most relevant for IT and for you understanding what’s going on.

Michael (13:53):

So, a backup in this scenario is just a copy of files, a copy of your data somewhere else. Does it exist somewhere else or do you literally have all your eggs in one basket?

Dan (14:05):

Okay.

Michael (14:05):

However, a backup on its own doesn’t mean that it’s a good backup. It could just be a copy of your files on a USB drive, hanging out the back of the server, so fire and flood, It’s definitely not going to protect the business in that sense. So, we would often use a backup tool to set up a sort of disaster recovery solution and that’s going to look a bit more like this. Rather than just copying files to a USB drive, we’re going to take a whole copy of everything on the server we’re going to copy it to the nass. A nass normally, or another server. And importantly, it’s going to be backed up off-site and site could be a branch office, preferably the cloud secure data centre. So in that sense, you know, that whatever happens to your premises, you’ve got a copy of the data there.

Michael (15:04):

When you add the disaster recovery planning into it, then you’re going to start asking questions like how fast should this happen? How often should I back up? In this example, when you’re just running a back up, you don’t really need to be too concerned about asking these questions. It’s once a week, it could be half an hour is more appropriate. A backup every half an hour is more appropriate for most people. Once you really get into disaster recovery planning, and you talk about these sorts of timings and start asking the questions about how quick should things happen. And if the answer is for certain services, they need to be up and running as soon as possible. That’s when we’d look at creating a business continuity solution. So at least in terms of IT, it’s business continuity, if it can fail and you barely notice, or you’re back up and running within a very short period of time, operations aren’t affected continue to run the business despite the failure.

Dan (16:08):

So business continuity is about avoiding any downtime. Whereas disaster recovery is bouncing back in the background kind of thing?

Michael (16:16):

Yeah. Business continuity is much more automatic. It is something that happens very quickly. It might be a blip, but it isn’t a native school chunk of its not stoppage. Okay. If you’re in a disaster scenario, I would say that is when it is a stoppage and you’re doing manual work or IT is doing manual work to get you back up and running, and there’s noticeable downtime.

Avoiding a Disaster (16:44 – 23:06)

Dan (16:44):

So, we’ve covered the basics of what disaster recovery is. So I suppose really we should move on to how to avoid being in the situation at all. So what, what can businesses do? What can we do to avoid ever getting into the situation first place?

Michael (17:03):

Yeah, absolutely. The easiest way to reduce downtime is to avoid having downtime in the first place. There’s a couple of obvious things that should be covered that you should be thought about specifically and our scenario. So cyber breach, ransomware, you’re locked out from your files, how do you stop that from happening? Well nowadays really we’re an MSP service. We’re targeting a baseline of security so, the obvious things are government-backed cyber central standards. It’s a baseline of security. The growing threats, ransomware, that we see today really does require additional layers of protection, more advanced software systems, hardening monitoring and planning on how to respond to anything like this.

Michael (18:01):

So seriously considering additional security, cybersecurity services, I think nowadays is something that should be on everybody’s radar, if not part of the strategy to implement already. A really key part of that is training. We’ve seen the industry reports and what you see is a graph of IT, investment in software and hardware, spending on security devices going like this, the training is actually just going along.

Dan (18:31):

Plateaued. Okay and I suppose the human element is going to be the most important all the time because it’s humans are always interacting with the technology. So it’s interesting that we haven’t put so much investment that over time.

Michael (18:47):

Yeah, and actually the more you invest in software without investing in training, the human element is the easier bit to target. So that will still be, I mean, it drives the focus onto humans, you know, phishing emails, those kinds of things.

Michael (19:05):

And it is honestly difficult to keep up with the latest sorts of hacks. I don’t know the personal level without doing ongoing training. So training is one of the main part of our cybersecurity service. And I think without it, it wouldn’t be complete. Stuff needs to be aware of the training needs to be ongoing.The kinds of things we do are send out test phishing emails. If somebody happens to click on it straight away, you’re alerted and told this is the things that you should have looked out for next time, be careful and here’s a link to some training to go off and do to heighten your awareness.

Dan (19:49):

So it’s really addressing the sort of the weak link there, in terms of helping people keep themselves safe.

Michael (19:59):

Exactly. It’s much easier or much more straightforward to put the software in place to provide as much protection as possible, doing that ongoing training is more difficult. It’s more challenging to do but we did have a way to do that. You can track training over time. You can see which individuals need extra training. You can see areas of weakness across the whole business, and we can help provide targeted training to really tighten up that area.

Dan (20:28):

Perfect. Excellent.

Michael (20:30):

Other things, so proactive maintenance is a big one. This is one of the sources of avoidable failure software updates fixing backup failures, all of the, that you’d expect to standard MSP service to include.

Dan (20:50):

And that would all fall within managed systems and make sure that all antivirus and things are up to date as well?

Michael (20:57):

Absolutely. Use of the cloud is a big one. It’s, you know, many people are moving to it because it has a lot of business continuity options built straight in out of the box. It’s still looking at a server on-site. You can have a backup server. That’s pretty good sedation. Many of the cloud solutions a popular one being Microsoft’s Office 365 for email. You don’t see it in the background, you’ve got 3 servers running your emails in one data centre, you’ve got another 3 servers and another data sensor and that kind of scale and automatic failover is just not something that is very easy to replicate for most small to medium businesses.

Michael (21:39):

However, Cloud doesn’t always include disaster recovery. One to watch out for, and always make sure that as a disaster recovery solution in the background. The final one just think about is just hardware refresh.

Dan (22:02):

Okay.

Michael (22:02):

IT still relies in hardware, even if you were in the cloud, we shouldn’t let equipment get old. Failure rates peak after five years, seven years, depending on the exact hardware. It’s a big source of avoidable downtime.

Dan (22:20):

So let’s say we’ve got the ideal setup with, you know, we’re adhering to all of these, but surely there’s still a risk in terms of disaster recovery.

Michael (22:33):

Yeah. When you’re looking at disaster recovery plan and you see the items that you have or the status that you have, you look at what the mitigations could be, you apply them and it’s an ongoing process. So you will come back and say, well, what now there’s still going to be disasters some sort of unforeseen circumstance. And so even with the best preventative measures in place, we still need to have a disaster recovery plan and the business though needs to have that plan in place.

Planning for Disaster Recovery (23:06 – 35:09)

Dan (23:06):

Okay. So, what if the worst happens? Planning for a disaster. So what does a business need to think about if they end up in a backup and disaster recovery situation?

Michael (23:25):

We’re gonna illustrate this one because it’s a bit easier. We’re going to focus this on the IT side but we will touch on the business side as well.

Dan (23:35):

Okay.

Michael (23:36):

So a business has a disaster recovery plan, IT has a lot of input and has a lot of explaining to help you understand exactly what’s going on in the background and that process will look something like picking a specific service, like emails. This could be files. It could be your most important application. It could be a lesser important application but it’s turning it in something that makes sense to the business. So we’re not talking about server three, it’s going to go down on, what do you do? You say email is getting to go down. You’re not going to get, you have to communicate with your clients, you know, advance communicating with other staff. So, what does that, what does that look like?

Michael (24:22):

The sort of inputs we provide for your disaster recovery plan is the time to recover. So email is going down, how long do we expect that it would take to get back up? That will allow the business to start to question what it would look like for them, what they need to do in that time. We would look at how much work is going to be lost because backups run periodically there is always going to be some sort of a window of time, maybe even if it’s as small as five minutes or one minute or half an hour or an hour where work might be lost we need to highlight how much to expect that. And also how far back things go in general so, do you know, do you only go back a week? Do you go back 30 days? What happens if I delete something? That’s the smallest disaster I can imagine it’s deleting a really important file.

Dan (25:17):

Yeah.

Michael (25:18):

Um but if your backups only go seven days and you notice on week two, it’s too late a personal level disaster.

Dan (25:27):

Okay.

Michael (25:30):

Once we’ve documented, these sort of timings is a conversation with the client, with the business to say, well, this is what we’re expecting to happen right now what do you think? The answer to that will be fed back in backup doesn’t go far enough it doesn’t get up and running fast enough, we can’t be without email for four hours. And then we’ll offer a list of mitigations or ways to reduce that time, reduce the impact, update the plan and, and continue to iterate like that.

Dan (26:11):

Okay. So constant improvement, even on a plan that’s been laid out, always testing and always improving. And as business as businesses grow as well, their needs will change as well.

Michael (26:22):

Yeah. It’s a constant process because needs change options change, and I’m just running through the process of talking about how long things would take to recover would often bring up interesting questions. But the process itself is key to learning more and think about more possibilities. It’s going to set aside a larger plan, so those are the sorts of IT inputs on the business side, I’d expect that to be slotting into these sorts of things. So the business should identify what their key roles are which staff are doing the most important jobs that it’s going to help prioritize when the disaster happens, who to get up running faster and how to best support them.

Michael (27:16):

Equipment is an obvious one. It will have some input and that’s the asset list. This is how many computers you have. This is how many monitors you have. This is the expected replacement costs. The business itself is going to have other things, desks, maybe telephone systems, stationary, all these things that people need to be able to do that job. IT is only a subset of that process. Where are you going to go? If there’s a fire in his flood? Again, IT kind of have some input in that if you’ve got a second office, what do you need to add to scale it up, to take on more stuff? What do staff need to be able to have to work from home, or it’s a service office that’s popular backup option, how fast an internet connection should you be asking for?

Dan (28:03):

Okay.

Michael (28:04):

How many desks do you need to have a school? Do you need space in the comms room? Insurance you know business should have insurance that covers these sorts of disasters. You need to know based on the equipment list, how much, how to access any payouts. If it’s going to take time to process an insurance requirement, what’s the budget, what’s the cash flow sort of considerations that you need to have on the side together to handle a disaster and get equipment in place. Finally, I said it right at the beginning, communication is going to be key. Once we’ve gone through this whole process, once IT is fed into the business’s disaster recovery plan, you need to speak to,

Dan (28:55):

Getting the message out there.

Michael (28:56):

Get the message out there. Who’s your key IT contacts. Who are your key insurance contacts? How do you communicate it to stuff? When do you communicate it to clients? All those sorts of considerations.

Dan (29:14):

So each plan is absolutely going to be unique to each business. And also, as we touched on before develop as each business grows as well. So constantly changing things, always adapting to the current situation and also that situation in terms of how they are as a business as well.

Michael (29:35):

Absolutely. I mean, we provide a base disaster recovery solution, when surveyed most small and medium businesses said the four hours to recover was an acceptable amount of downside. So that’s the sort of thing we target as a, as a standard to begin with and certainly the backup software that we use, the storage that we use for the backups the cloud backups, it at least to begin with focuses on this four-hour window being a sort of expectation. If you don’t know where else to start, four hours to get back up from running is reasonable. Most people consider it.

Dan (30:23):

And then you just up and down from there?

Michael (30:25):

Yeah, you target what’s, what’s important, what you can’t make do without, and you build off of that. So if you, if you need to go for less than four hours and you’re still very, server-based, you’d expect to see a backup server, the same as the main server, you’re copying things across every five minutes. And if a server, if your main server goes off, the other one pops back on you’re up and running, and it’s like the like as well. So we fix you’d fix the failed one in the background and you set it back up as the main server. Sorry, as a new backup server. So you have the disaster hardware failure that happens you’re running on the backup server within a very short period of time and then you continue operating and everything gets sorted out in the background.

Michael (31:20):

One thing to consider is the failings of the cloud or failing to a less than lifelike server, even though it’s a, you know, less investment required upfront, there’s more downtime because you still have to get back to normal once the disaster is finished.

Dan (31:38):

Alright, okay. So if a business has great IT in place and everything, you know, you’ve got, you’ve got all the things that we’ve talked about is everything just automatically taken care of? We need to not worry.

Michael (31:55):

I think you still needs to be aware because IT is just part of the larger businesses disaster recovery plan, business continuity planning. So certainly with the solutions that we do for backup, whether you’re in the cloud or whether in the server, we’re taking care of a lot of the basics. But no, you still need to be engaged on what it is you’re expecting from the system. This is where our quarterly review process comes into it, it focuses IT in on the business needs and checking the ideas still meeting, changing business needs, allows time to discuss adjustments and implement.

Dan (32:42):

Hmm. Excellent. Cool. Okay. So we asked a question at the beginning and it was about which industry was most at risk or which entity you thought was most at risk from a ransomware attack. So we haven’t had any suggestions, I don’t know if you guys want to pop a few suggestions in the Q&A box? That would be thinking about different industries would be leisure media and entertainment, or public services finance, manufacturing that what else have we got? Transport as well.

Dan (33:48):

There you go. A few suggestions coming through. Good.

Dan (33:57):

Okay. Thank you very much for that. So the answer actually is, and this surprised me actually when I was looking, I honestly thought it would be the public sector or finance. They seem to sort of most obvious ones to go for, but it is in fact media leisure and the entertainment industry. So quite, quite interesting of all the industries.

Michael (34:19):

It’s quite a wide industry grouping I’d say. Things that they do have, I mean, everybody’s data is very valuable but you know, you have a lot of photos, videos that sort of thing in the media is very valuable. Once you’re locked out from it, you’re going to need to pay to get it back.

Dan (34:42):

I suppose all of the clients or customers, data is also points toward their interests as well, which is the kind of data that’s very, yeah, as you said before, valuable. So I suppose that makes sense then.

Michael (34:59):

There may be some trend and investment in IT, in those industries, they may potentially be under-investing, makes them an easier target.

Questions (35:09 – 45:51)

Dan (35:09):

Cool. Okay. So we’ve sort of come toward the end. On our sign up form, we did leave a space for people to ask some questions and we got a couple through. So the first question was how long is normal recovery time? I think we did touch on this one and it was sort of you’re looking at about four hours, so half a business day depending on the business.

Dan (35:40):

Another one was do I need a plan if I’m in the cloud? Which is a really great question.

Michael (35:47):

It is yeah. It’s one of those things where because the cloud is a sort of fluffy concept is quite a wide category of, of all sorts of things. People hear cloud, and they’re seeing the ones who are in the cloud disaster recovery is taken care of backup is taken care of and, and that is simply not the case. At it’s the lowest level, the cloud is just more servers in a different building, it might be a very good building, a data sensor but in some previous cloud outages, people have been surprised to find that they do not have a backup in a different cloud.

Dan (36:41):

Oh, okay!

Michael (36:42):

It’s a really important item to consider that the cloud is fantastic in most implementation. So business continuity, it can automatically failover very quickly, always no noticeable disruption. However, something like a crypto locker, virus or ransomware that we’ve been talking about during this webinar, what you end up with a very good business continuity solution is that your locked files are very quickly copied, therefore business continuity isn’t the right sort of solution to come back from that.

Dan (37:17):

Okay.

Michael (37:17):

What you want is a disaster recovery solution. So that is your files, your data in a different place. Completely separate. It can be recovered from.

Dan (37:27):

Okay. Cool. Oh, we have another one here, how safe are we from cyber attack in the cloud? So I suppose specifically looking at people targeting the cloud itself and files within that.

Michael (37:51):

Yeah. That’s a really good question as well, and it’s where people are looking at, going from service to the cloud, it’s a common question. There’s a feeling that it’s out of your hands, it’s a big target but the security practices in place are beyond what is achievable I think for most small, medium businesses, even with the best protections in place. It’s, you know, with the big services Office 365 for email and files, definitely there’s absolute separation from between tenants. If you have a backup in place, then you know, you’re covered.

Dan (38:38):

Yeah.

Michael (38:38):

And actually, should be the biggest risk at the moment I think for cloud, is it still your user accounts rather than the cloud service itself. So, this is why we’re talking to a lot of people right now about multifactor authentication. When you go to log into your cloud service, you get a code on your phone, you have to put in. It stops a lot of cyber security breaches in its tracks. You’d expect any good cloud providers to be running antivirus and everything that’s coming in and out with their cloud and on services. If you’re looking at third-party cloud providers, not third party but outside of Office 365 outside of the big ones, if it’s your specific CRM customer relationship management application or your line of business application, whatever it is that you were using it is well worth asking questions about security.

Michael (39:32):

A lot of providers have had to adjust very rapidly to the cloud. You know, they’ve spent years developing software to run on a server in the corner of the office. All of a sudden everybody’s got a cloud option. They feel like they should have a cloud option, but their expertise has been in programming for servers, not programming for the cloud. I’d definitely be looking for a statement on security and what practices they have in place when comparing their services.

Dan (40:00):

So on that same subject, we’ve just had another question. If somebody uses one drive for all their files and they, so there’s obviously duplicate one in the cloud or on your laptop as well, if the laptop was compromised in some way, however, that is whether it’s ransomware or just a virus and the file is encrypted, would one drive files get encrypted inside the cloud or is this sort of a shut-off period there, or is there sort of a combination of the two happening?

Michael (40:40):

It’s a really good example of the cloud and business continuity. So in a normal disaster and at a personal level you’ve dropped your laptop, it didn’t like it and you’re worried about getting access to your files. Luckily, you’ve got them in one drive, so, you log in through a web browser or you get a new laptop and it just downloads and straight back and you know, that you’ve got fairly recent versions of it probably within the last five minutes, If not, real-time the latest thing you’ve done with it. Fantastic for that, crypto locker your files getting locked, they may get copied, locked into the cloud. So in that case, this is where you have to ask yourself with your power solution has disaster recovery in. And the answer with Office 365 is no, not really like I need a separate backup solution.

Michael (41:36):

The one that we used security takes a copy of all the files you’re creating and stores it in Amazon web services, one of the biggest cloud providers. If your files were to get locked in one drive you would recover it from this other service.

Dan (41:57):

Okay. So using a single cloud is great for your sort of your hardware failure, that’s what it’s really built against. But yeah, in terms of being all your files being encrypted, you would still be looking to find a backup in another location. And instead of having those different backups in one, two separate places, it’s more important than that sentence.

Michael (42:21):

Yeah. It’s ever since tape backups, the idea is to have three copies, two different mediums. So on the server itself or on a different server and at least one of them off-site. So that still applies to the cloud. The off-site is not covered until you’re in enough cloud or copied off, at least in that sense. What I wouldn’t expect the cloud security comes into it is you wouldn’t expect the virus to go into the cloud and then start to encrypt.

Dan (42:59):

So it would just purely be the files themselves that would get encrypted and then just.

Michael (43:04):

One Drive would be doing its job if it’s copying files, as changes are made to them. So, it’s yeah. Hopefully, you know, if you know, manage the anti-virus, the additional sorts of protections that you thought about for advanced cyber security you would have protection against the majority of ransomware viruses, certainly with the advanced security tools. They lookout for the sort of things that ransomware does.

Dan (43:37):

Yeah.

Michael (43:37):

You know, it’s not normal computer usage to go around locking all your files. It can see that it can stop in its tracks. It can alert it and hopefully, with the user training thing, you’re not accidentally clicking on links. You’re more aware you’re thinking about these things. You’re thinking before you click it’s on the front of your mind, and it’s not likely to get on but yes, even then there might be a very new, very potent virus and you still need that disaster recovery solution that if the worst happens.

Dan (44:11):

So another question was, can you stop the ransomware spreading to the backups? I think we’ve sort of half-covered that. In some cases, you can’t, in which case it’s important to have that second fall back.

Michael (44:25):

Yeah. We talked about it for the cloud, but with the server, the way a backup solution normally works is that you take a copy of the server every half an hour to a Nass box, so that’s a resilient bit of storage better than USB drive but it is sharing the network potentially it’s a risk if something already is already in the network, it’s at risk of also being locked. However, our offsite backups to a centre it’s done by a mechanism where the virus can’t make the jump over to the data centre, it can’t stop locking backup images. You’re definitely going to have something to be able to come back from that.

Dan (45:07):

Okay.

Michael (45:12):

And that’s all we have in terms of questions for now.

Dan (45:18):

Cool. Excellent. Thank you very much for those. That’s great. We hope you enjoyed today’s webinar if you have any questions afterwards feel free to contact either myself or Michael. If you have anything specific to do with your business that you perhaps have questions about, I would be happy to help out with.

Michael (45:40):

We’ll be sending a follow-up email as well. So you can respond to that and we’ll make sure it gets through to the right person to be able to take a look on an individual basis.

If you’re concerned that your organisation doesn’t have the correct security measures in place or you need advice on your cyber security risk management, get in touch we’re here to help!

← Back to Blog
Lily Howell Lily Howell

05 August 2020

Share this article:

Posted to:

Business ContinuityCloud ComputingCybersecurity

Latest Articles

Growth through technology