Read the latest helpful updates on ransomware and cloud security from our industry partners and contacts.
We like to put our partner and media contacts to good use in helping you and your customers to understand the security landscape.
This month, we bring you three helpful new updates – two guides to ransomware (and how to defeat it) and the other an interesting short article from Cloudworks on the benefits of cloud security for small and medium businesses.
Business guide to ransomware
New from AppRiver, this guide is subtitled ‘Understand, Analyze and Protect’, and is a very readable resource covering what ransomware is, how it works, how it spreads, and the best practices and employee training that can help defend against it.
Ransomware: Malwarebytes bytes back!
Another take on ransomware and how to combat it comes from security experts Malwarebytes, who major on the importance of endpoint security (keeping PCs and devices protected) in this informative and short PDF.
Five reasons why cloud security is important for SMEs
Big servers, large infrastructure, lots of IT staff – these are all security components that SMEs just can’t afford! This is why they must look cloudward – and this article from Cloudworks describes the benefits of cloud security neatly.
The WannaCrypt0r ransomware floored the NHS and many other organisations besides. These guys reckon they could have stopped it.
WannaCrypt0r, the global cyber-attack that paralysed 45 NHS trusts, plus businesses in over 100 countries, has woken the world up.
It’s woken a few security vendors up too, as the flurry of emails in my inbox over the weekend shows.
And, predictably, they’re all keen to tell us that customers running their security software were protected from WannaCrypt0r’s terrifying exploits.
Here’s a summary of the claims each of these wannabe ‘WannaCrypt0r-killers’ have made. It will be interesting reading for those who are contemplating where to go next with their anti-ransomware strategy!
The mail from security software vendor Bitdefender states its case boldly: “Customers running Bitdefender are not affected by this attack wave.”
How so? Bitdefender has a ‘ransomware vaccine’ that users can switch on to immunise machines, and this uses the ransomware’s own programming against it.
But at a deeper level, it boils down to the ability to detect memory violations – in other words, to understand when a machine’s memory is being tampered with, which indicates that a cyber-exploit is afoot long before it can actually execute and cause any damage.
It’s this kind of device behaviour, Bitdefender implies, that, with their GravityZone products, would have shut WannaCrypt0r down before it even really got started.
It’s machine-learning that’s writ large in the Trend Micro response to the WannaCrypt0r incident.
“Customers are already protected against this threat through Predictive Machine Learning and other relevant ransomware protection features found in Trend Micro XGen™ security,” the firm claims.
It’s a highly layered approach, involving email and web gateway solutions, behaviour monitoring and reputation analysis, file and website blocking, across physical and virtual machines, with the overall goal being to “prevent ransomware from ever reaching end users.”
Of course, if WannaCrypt0r has shown us one thing, it’s that ransomware is perfectly capable of activating before it reaches the end user!
However, a beacon of hope in Trend Micro’s communication that I did not see elsewhere is that it has a tool that can decrypt files affected by certain crypto-ransomware variants, meaning victims would not have to pay the ransom in exchange for a decryption key.
(How many IT guys would have killed for that last Friday evening?)
Malwarebytes’ communication slaps its cards down on the table thus:
“Malwarebytes is protecting your organization against this specific ransomware variant. Our anti-ransomware technology uses a dedicated real-time detection and blocking engine that continuously monitors for ransomware behaviors, like those seen in WannaCrypt0r.”
Like Bitdefender and Trend Micro, this is hinting at some sort of intelligent analysis of machine and network behaviours that might predict a ransomware attack, before it actually starts to execute.
Malwarebytes’ four-layered security approach – operating system, memory, application behaviour and application hardening – contributes to this detection capability, as it monitors at multiple system levels for ransomware and other exploits, simultaneously.
But Malwarebytes goes further than this in its claims. It says in this blog about WannaCrypt0r that it “will stop any future unknown ransomware variants.”
(The italics are mine – but I’m sure you’ll agree they’re worth emphasising!)
What next for WannaCrypt0r?
There are few certainties in cyber-security but what experts are predicting is that wave two of the WannaCrypt0r attack will come soon – and wearing a different guise.
Will the security solutions above recognise it rapidly enough to combat it?
Let’s see whether the communications live up to their word.
Web attacks will continue to increase in 2016, experts tell us. But web security is getting cleverer - and here’s what you need to know about it.
The European Union’s latest ENISA Threat Landscape report tells us that web attacks will continue to increase in the future. So, no surprises there, then!
But web security hasn’t stood still. In fact, there are many web security features now available that give security partners and their customers much deeper insight into web threats, as well as more effective tools to combat and manage them.
Here are just a few web security developments you might want to look out for in 2017.
URL analysis to beat zero-day threats
The backbone of web security has often typically relied on comparing a URL to a database of known malicious URLs, and blocking access if a match is found.
Clearly, there are severe limitations to this approach. Zero-day threats, for instance, won’t be on any URL blacklist, because they are simply too new, as we’ve explored in a previous post.
But web security solutions can now ‘sandbox’ a URL (quarantine it so that interactions with it cannot pass threats onto the network) and automatically analyse the behaviours of the destination site.
This way, even zero-day and unknown threats can be spotted and blocked, before they can cause any damage.
Centrally managed content filtering and reporting
Web content filtering is also a critical security requirement for most organisations, to ensure that employees don’t access inappropriate or reputationally risky material.
Historically, however, it’s been easier said than done. Endpoint security solutions have rarely proven themselves up to the task; they typically cannot monitor or report on web access unless there is a policy in place on that endpoint for that specific website. (Hardly an all-encompassing strategy, eh?)
Web security solutions can totally transform this situation, because security policies and their actions can be applied from a central dashboard to users and roles, independently of the endpoints they’re working from.
A senior manager who has good cause to investigate questionable content on a website, for example, might simply be monitored; a more junior user attempting the same thing might have access to that website blocked.
Decoupling web filtering from endpoints also means that reports can be created and run in real-time, simply by clicking on widgets in the centralised dashboard - and these cover all web use, not just pre-selected sites.
Web application control: the new ‘must have’
As we touched on in a previous post, it is now possible for web security solutions to control access not only to cloud applications like, for example, Facebook, but to specific features within them – by individual, role, device and location.
These can include, for example, functions that enable users to upload or delete profile images, remove a public link, permanently delete files from a recycle bin, disable a security group, and many other types of actions that can be high-risk in certain contexts, both with and without malicious intent.
As businesses rely more and more on cloud and social applications to carry out everyday processes, this kind of web security is set to become mission-critical.
Gains in performance, deployability, and more
But it’s not just the security features themselves that are worthy of note.
A host of innovations around performance, deployment, usability and productivity mean that web security solutions are now a more attractive proposition from the point of view of end-users (who are looking for service excellence) as well as security partners (who are looking for differentiators and ease of management) than ever before.
From the performance point of view, the latency (lag) often associated with cloud-delivered solutions, for example, is a thing of the past, thanks to locally stored caches that wake up instantly.
From the deployment point of view, flexibility is high on the agenda, with agentless options, and multiple authentication methods, including SAML, direct, and agent-based – pretty much whatever the end-user prefers, in fact.
And when it comes to usability, guest users on VLAN and mobile workers are protected without the additional complication of connecting to a VPN (or the danger of failing to do so), supporting risk-aware productivity.
Something tells me threat actors, users and security partners alike will be watching web security very carefully in 2017.
And this unrelenting growth is one of the factors driving a huge increase in email-borne cyber-threats. In fact, in the first quarter of 2016 alone, according to this piece in Infosecurity Magazine, there was an 800% increase in email-borne threats over the previous year!
What, then, should you be looking out for to protect your business (or your customers’ businesses, if you’re a security reseller or service provider) against this onslaught?
Choosing email security
We’ve identified some specific features that we believe are critical to effective email security in 2017’s threat-laden world.
But SMEs also include many businesses that have little or no in-house IT or security expertise - so complex on-premise email security just won’t work for them.
Instead, look out for cloud-delivered, as-a-service solutions that major on ease of use (that means, amongst other things, no-maintenance deployment, with 24 x 7 updates, patches and hot-fixes delivered automatically by the vendor).
This kind of solution has the added benefit that it can filter email inline and scan it prior to it reaching the recipient, so threats are intercepted before they touch the business’s network.
Nothing to remediate, no spam to archive, nothing to clean up – good news for resource-starved small businesses.
2. Email clients – cloud’s a must!
Smaller businesses in particular are also turning to hosted email clients like Office 365 and Google Apps, with research showing that nearly two-thirds of small business owners already have an average of three cloud solutions in place.
Combine this with the knowledge that Office 365 has known issues with its ability to detect insecure document content, though, and it’s not enough to just go with a cloud-based email security solution. You also need to choose one that is good at dealing with cloud-based email client vulnerabilities.
Get the last bit wrong and you’re still behind the SME security curve.
3. Threat coverage and awareness
Spam, malware, spyware, phishing and inappropriate content are all known risks that must of course be protected against.
But the underlying question is how the solution’s knowledge of the threat landscape evolves, since it is this process that ultimately protects users against emerging threats like zero-day exploits.
Big data and machine learning algorithms are the key features to look for in this respect, but many vendors are now jumping on this bandwagon, so look at the hard numbers to sort the aspirational from the credible.
Take Trend Micro’s Hosted Email Security (HES) as just one example: over 50 billion website URLs, email sources, and files scanned, correlated, and filtered, with over 7 terabytes of new threat data processed - daily.
GDPR is never far away from our discussions thesedays, and any cloud-delivered service is now under the microscope with regard to how it protects the privacy of the data that it holds.
Look for a solution backed by data centres that have reached the most stringent privacy certifications - in Europe, these are generally considered to be ISO 9001, ISO 27001, OHSAS18001 (LHR1) and SAS 70 Type II.
5. Ease of partner management
For security partners, there is an added dimension to a choice of security solution: the ease with which they can manage it!
Solutions that are difficult to provision and manage burn through administration resource and gnaw at margins – making them potentially unprofitable.
Look instead for a single security dashboard across all customers, that also works with industry-standard platforms like Autotask, ConnectWise and Kaseya.
This will enable you, for example, to automate monthly usage and reporting management, proactively analyse emerging security threats, and provision new solutions and services more rapidly – without signing into and logging out of multiple systems and tools.
Email security in 2017 – as-a-service solutions to a growing challenge
As long as businesses keep sending and receiving emails, the bad guys will keep using them to try and attack the soft underbelly of businesses.
But to do that, the emails have to get there in the first place – and if they’re getting caught by security in the cloud first, they won’t.
If you don’t manage your Trend Micro Worry-Free Business Security upgrades properly, your customers could be at risk from ransomware! We explain what to do.
If you sell Trend Micro’s Worry-Free Business Security Standard or Advanced editions, you’ll know that both come with a convenient management console that enables you to easily watch over and control the security services you deliver.
But if you don’t act on the information and alerts you receive, and keep your solution up to date, itcould mean that your end-user customers are at greater risk from threats like ransomware!
There are just three things you need to do to keep your customers protected:
1. Upgrade manually after renewals
Renewals of Trend Micro’s Worry-Free for Business Standard or Advanced editions do not automatically upgrade to the latest version, so you need to manually manage this process yourself.
Happily, it’s an easy thing to do. There’s a link to Trend Micro’s Download Center at the top of every console homepage. Click to upgrade your renewed Worry-Free Business Security edition to the latest version (see images below).
Alternatively, you can go to the Help tab, click on Support, and then click on the Download Center icon at the bottom of the page (see image below).
No uninstall or reinstall is required, the upgrade will automatically be picked up from the server by all the connected security agents, and your customers will stay protected.
What’s not to like?
2. Get notified by RSS as well
If you’re not on v.7 or upwards, you won’t get console notifications, so you need another way of receiving them.
And even if you are on v.7 or upwards, there’s certainly no harm in having a backup notification channel to be doubly sure the message hits home.
This is why the Download Center website supports RSS. You can set up upgrade notifications and reminders from that site straight into your RSS feed (see image below), and then go into the console to act on them.
3. Act on those notifications!
As we’ve shown above, the console – even in pre-v.7 guise - contains the necessary links for you to download upgrades or service packs, and you can also find these links in the Download Center, whose icon is at the bottom of the console page (see image above).
So it’s a cinch to stay ahead of the game – but you do have to make sure you download the upgrades and packs promptly from the links.
That way, your customers will continue to be fully protected.
Keep Worry-Free worry-free!
Pay heed to your console, reminders and notifications and your Worry-Free Business Security solutions will totally live up to their name (more so, in fact, if you upgrade to the cloud-based Services edition that significantly simplifies life for both you and your end-users!)
But miss an upgrade or a service pack, and fast-moving, destructive threats like ransomware are, in all probability, already one step ahead of you and your customers alike.
Managing licensing processes can bite deep into security MSPs’ margins. But one vendor seems to make it a lot easier. We investigate…
If you’re a managed security service provider, you’ve got an awful lot on your plate when it comes to licensing.
Try to manage it all using different tools and you’ll rapidly flay the flesh from your profitability – and probably send your customer satisfaction levels plummeting, too.
Logically, the solution is to somehow combine all the licensing functions in one place, making them both accessible and easy to use. But is any security vendor actually offering this? And if so, does it really deliver on the promise?
For our money, the answers to these questions are “yes, Trend Micro” and “yes, here’s how”, respectively.
The first thing that is striking about Trend Micro’s Licensing Management Portal (LMP) is that, in contrast to some other so-called “single pane of glass” management tools, it isn’t just available for a core technology that so far only underpins one or two finished products.
Instead, it has already evolved to the point where it is common to pretty much the entire Trend Micro product portfolio
So it makes it possible for MSPs to centrally manage, from a single sign-on system, multiple instances of both “point” solutions like Cloud Application Security (a topic we discuss further in this post), and more comprehensive solutions like the Worry-Free Business Security range.
Let’s not gloss over the pain that this alleviates. It eliminates wait time associated with ordering licences, because LMP is available 24 x 7 x 365. It automates the tracking of renewals and expirations. And it eliminates the complexity and cash-flow risk associated with manual billing.
LMP + Remote Manager = automation
This capability stems in part from the fact that LMP also contains within it Trend Micro’s Remote Manager.
This radically streamlines many of the licensing management processes by plugging them into industry-standard RMM and PSA solutions like Autotask, ConnectWise, Kaseya and LabTech.
So, you no longer have to manually drive your billing process, for example. Instead, LMP can use ConnectWise to auto-issue invoices and create end-to-end billing the moment a new endpoint or device is deployed.
Likewise, there’s a lot less juggling of multiple processes in order to set customers up. LMP syncs with LabTech, so you can map customers from LMP to customers in your LabTech solution, and then, within the latter, just “point and shoot” to deploy, issue licences etc. No jumping around between applications!
Service plans the way you and your customers want them
Whilst we’re on the point of service plans, it’s worth mentioning that LMP has rewritten the rulebook somewhat in this respect too, offering real flexibility.
You can activate licences into live services in any number of formats – monthly, yearly, quarterly, on receipt of PO – and you can schedule in additional features so that they don’t have to be managed manually.
For example, a new customer that has committed to your services for two years initially, but whose contract needs to revert to a monthly rolling arrangement after this initial period, can have a service plan created in LMP that will deliver this arrangement – automatically.
From where we’re sitting, it’s probably the only example of a service plan mechanism that combines customer-friendly flexibility and features with management tools that don’t place an unsustainable drain on your resources!
Powerful but flexible reporting
Of course, if you can’t easily see what’s billable, automated provisioning and service plans won’t stay viable for very long!
Here, too, LMP shines. Not only is the reporting itself automated, it provides up-to-date detail of everything that has been in any way consumed by the end-user, ensuring that consumption and billing are always in step with each other.
At the same time, the automation allows a window of manual adjustment to cope with cancellations, error correction, atypical deployment scenarios, and other exceptions.
In essence, LMP has enough automation to make the majority of billing scenarios far easier – and far more economical – to manage.
CLP: Convenience for the end-user
But what’s really innovative in LMP, in our view, is that it enables the end-user to manage some of their own licensing, giving them the convenience of direct control, whilst also (let’s be candid) fattening your margins by reducing your workload!
This is because LMP contains a Customer Licensing Portal (CLP), which enables customers to manage licence keys for selected parts of their security estate, based on role. That partial autonomy and flexibility works for them, which makes you look good.
But the fact that the CLP can also carry your own branding will do your business profile no harm at all, either!
“Nobody does it better”, goes the old song. And at the moment, our Trend Micro team seems to be singing it around the office quite a lot. Funny, that.
In the wake of a Windows 10 zero day exploit that had Microsoft all a-flutter, we explore these insidious threats - and how to combat them.
In the last blog in this series, we looked into ransomware, what it is, and how you can stop it. In this blog, we put another cyber-threat under the microscope – the zero day exploit.
We’ve looked into what the zero day exploit is and how it ticks – and we’ve “zeroed” in (sorry!) on some things businesses and their security partners need to consider in order to confront the danger head-on.
Zero day exploits: what are they?
Perhaps no other threat is guaranteed to drive software vendors’ marketing departments into public fits of bluster and defensiveness quite like the zero day exploit (see Microsoft’s recent performance in this piece in Ars Technica, for example!)
This is because zero day exploits are all about urgency and panic. Typically, they attack newly released software through vulnerabilities even its designers often don’t yet know exist (although legacy software can also sometimes be a target).
They are so called, as Wikipedia explains, because the hapless software vendor has “zero days” to fix the problem, or communicate helpfully about it, before it goes public – since the hackers themselves have usually already publicised it for them!
Zero day exploits love targeting browsers and office applications like Word and others (because we all use them) and they also hijack the common SMTP email protocol to find their way into these vulnerable applications in the first place.
But what makes zero day exploits so dangerous is that they tend to evade typical security software defences.
Why? Because many of the latter rely on triggers like malware signatures and known URL blacklists – intelligence that accumulates over time. And by definition, a zero day exploit has none of this history behind it!
What damage can zero day exploits do?
Here’s just a short list of zero day threats and the havoc they can potentially wreak, curated from various sources covering the last year or two:
Suspected North Korean State threat actors were observed exploiting a vulnerability in a word processing application
A targeted attack unveiled vulnerabilities in Microsoft Office and Windows, hidden within a Microsoft Word document
Adobe and Windows zero day exploits were made use of by Russia’s APT28 gang in a highly-targeted hack
Vulnerabilities in Microsoft font drivers were found to allow remote code execution, potentially rendering businesses open to ransomware, data theft, etc.
And, at the time of writing, a memory corruption bug affecting several Windows operating systems was declared capable, in this advisory, of remotely causing a denial of service (DDoS) attack!
Zero day – how do you defeat an enemy you can’t see?
But what defence is possible if security software can’t even recognise a zero day exploit when it’s sitting on top of one?
One effective response to this is to choose security solutions that don’t go hunting for known malware signatures, but instead zoom in on the structural behaviour of the applications that are likely to be targeted by zero day exploits.
It follows that the more extensive the analysis of these applications and the data they generate, the more effective a security solution is likely to be in recognising the signs that a zero day exploit is at work.
Enter Trend Micro, which has woven together an extraordinary mesh of vulnerability intelligence sources that include behavioural, statistical, heuristic and protocol analyses, all drawing on a constantly updated and monitored worldwide threat intelligence network.
Backed up by artificial intelligence (AI) and machine-learning techniques that extend through multiple different security layers, analyses of the entire possible zero day attack surface can be interlinked.
In other words, a more holistic understanding of which of the business’s applications are being asked to do what, and whether this is likely to constitute risky behaviour, is formed.
It’s less about putting a name and face to the exploit itself, and more about spotting changes across the business’s often very complex IT environments that aren’t explicable in any healthy way!
Anti-zero day solutions – what the industry says
An enlightening read for those investigating this area is industry analyst Gartner’s recent Magic Quadrant for endpoint security (which you can download here, and in which Trend Micro, incidentally, is positioned highest and furthest amongst the contenders).
It hits on many of the points we’ve mentioned above – application and process analysis, behaviour monitoring, machine learning, browser and office software vulnerabilities, memory manipulation – to paint a pretty comprehensive picture of what the industry is doing to address the fundamental difficulty of stopping a threat that is, initially at least, invisible.
Meanwhile, keep your eyes peeled for our next topic in this blog series – viruses!
Bitdefender updated its GravityZone cloud console with new features that you may not be taking full advantage of. Here at Blue Solutions we are happy to guide you through these changes and how they will affect you and your customers.
The big news is that Bitdefender has now incorporated Anti-Ransomware vaccine for all its cloud customers, that immunises end-users against both existing and emerging ransomware attacks – at no additional cost! This module is activated through the policy section Antimalware --> On Access settings
By activating this module, machines will be protected from all currently known forms of Ransomware. The Vaccine works independently, does not need any other modules to be installed, and is switched on simply by ticking the box in the customer’s policy.
Other New Features in GravityZone
Update Rings- this feature allows Administrators of the program to choose when in the validation cycle an update is received.
Anti-Exploit Techniques- a new set of powerful techniques which further enhances existing technologies to fight targeted attacks. These are integrated into the existing Advanced Threat Control module.
Web Access Control Rules- The categories list has been updated with multiple new categories added.
Exchange Protection- This can now be enabled/disabled when editing a customer with a monthly license subscription.
For more details on the above features and a look at the other features included please click here
AppRiver’s Nautical platform makes all aspects of security service provision manageable from a “single pane of glass”. We look at the benefits.
For security service providers, or resellers wanting to break into the MSP space, there is a double challenge at hand: selecting solutions whose performance will delight their customers, yet that are easy enough to “drive” on a day-to-day basis to prevent margins being eaten away by costly management overheads.
This is why the appearance of AppRiver’s Nautical platform has set our antennae a-twitching. It promises a unified management console that enables service providers to deliver and manage a raft of cloud-based security solutions from one place, without the profit-sapping expense.
Here are just a few ways in which that could benefit service providers and their business.
The business benefits of Nautical, (1): Devolved management
Managing everything from under a “single pane of glass” is a seductive sell, but (I hear you say) doesn’t that just make for a crammed and complex window onto your world, which in turn drives management and admin costs up?
But Nautical turns this on its head, by enabling role-based interaction, so that different users each have different views of what is under the pane and can exercise different levels of control over it – and this includes the end-users themselves.
In this way, management workflows are made more targeted and efficient, but also flexibly devolved to customers where possible - taking even more of the admin burden off the service provider’s desk.
The business benefits of Nautical, (2): Easy upscaling
Theoretically, cloud-delivered services can easily scale up to meet the needs of increasing numbers of end-users, thus supporting service providers’ revenue growth.
But critical to this process is the ease with which those new users can actually be brought on board. All the cloud service capacity in the world is no money-spinner if it is difficult, time-consuming and costly to connect users to it.
One of the killer new features in Nautical is a configurable user account management function that enables new users to be brought on board, and the overall user count to be increased, very easily.
Previously, this would have entailed multiple workflows in multiple environments; using Nautical, however, it is now a far simpler (and therefore cheaper) process.
The business benefits of Nautical, (3): App-style agility and healthchecks
To go back to a previous point, bringing on additional users also inevitably drives demand for more products and services. Any service provider that delivers on the first point but not the second is painting themselves into a corner.
Nautical, however, makes it possible for both service providers and their customers to add and integrate new products and services with the kind of pick-and-mix agility you’d expect from something like an app store.
But (I again hear you ask) doesn’t that, in itself, create another management challenge – namely, monitoring all those disparate products and services without excessive (and expensive) manual intervention?
Here, too, Nautical comes up with the goods, thanks to its cross-product diagnostics that deliver a single, regular, unified application healthcheck to service providers’ customers and all the solutions they’re using.
What else should you know about Nautical?
Nautical has been described as “an entire channel programme in one portal”, but what’s really striking is that this deep integration across all aspects of security service provision comes at no charge.
But it’s perhaps ransomware, explored in a previous post, that will see the most noticeable growth in 2017, and it’s a major factor driving businesses’ and security partners’ interest in business continuity solutions like backup and recovery.
After all, if a business can reinstate critical backed-up data at will, ransomware loses much of its bite, and therefore its attractiveness to those who perpetrate it!
So what does an effective business continuity solution look like?
Business continuity solutions – what to look for
True business continuity is about more than just security applications – there’s a whole host of cultural and organisational requirements too, as this basic guide from CSO Online explains.
But from the solutions point of view, business continuity is basically about two things: reliable and bomb-proof (perhaps literally!) data backup, and rapid data recovery.
Two metrics are critical, here: Recovery Point Objective (RPO) and Recovery Time Objective (RTO).
The former dictates how much data a business could afford to lose before it caused any real and lasting damage – and therefore reflects considerations like how often backups need to be performed, what volumes and formats of data need to be involved, and how robust the backup environment is.
The latter dictates how rapidly that backed-up data can not only be accessed (hint: off-site tapes just don’t cut it any more!) but actually redeployed in a form that the business’s hungry systems can once again get to work on – not just files and folders, but settings, too - to get the business back on its feet post-incident.
Between them, these two metrics hinge on a host of solution capabilities that can be problematic.
For example, one oft-cited issue is that when backup and recovery data is being streamed back into a stricken business, the data can’t be accessed or used until the recovery process is complete – and that can take many precious hours, days, or even longer. Unhelpful.
Reliance on recovery via hardware is also a sticking point, since it may be impaired by the very hack that caused the data incident in the first place (ransomware is a very good example of this!)
What’s the appetite for business continuity solutions in 2017?
Nonetheless, business continuity has been a problem crying out for a solution for a long time before 2017; ransomware has simply put an especially shrill edge on it!
Scary statistics abound; did you know, for example, that according to a study by Onyx Group, 71% of UK SMEs only ever manage to back up part of their data?
Or that 75% of SMBs have no disaster recovery plans in place at all?
But even more terrifying, when considered in the light of the ransomware issue, is that, according to one estimate, 58% of small businesses could not withstand any amount of data loss whatsoever!
Think about that for a moment. It means the hackers’ job is made much, much easier. Even holding the slightest amount of a business’s data to ransom could easily provoke a payout. Minimum effort, maximum return – which means more hackers getting involved in this kind of activity in the future, of course!
(And in case you’re wondering, the disaster recovery-as-a-service market, in which backup will play a key role, is estimated to be worth $11.11 billion - £8.83 billion - by 2021. Ripe for the picking!)
Where can I check out the latest business continuity solutions?
Clearly, what we’ve said above also means that the competitive landscape for security partners in this space is going to become challenging.
But for an insight into how one backup and recovery solution is evolving to deliver both strengthened protection to end-users and a more compelling proposition to the security partners who sell to them, take a look at this data backup and recovery features update.
And keep watching this series of blogs – we’ll be looking at a whole range of security solutions for 2017, covering email, web, cloud, data centre, and Office 365.