BlogKnowledge we want to share

23.06.2020

The Big Shift. COVID-19 and IT

Many business owners were forced to send their employees to work remotely. Moreover, to maintain business continuity, they had to provide them with appropriate equipment and access to business-crucial platforms and applications. Some workers have decided to use their private equipment. What to do when there is no other way?

Workers and devices out of control

Running an IT department in a company during a pandemic is a real nightmare for IT administrators! Workers and devices out of control. Businesses cannot ignore this fact because they will automatically be exposed to attacks. It must recognize the importance of taking appropriate action to survive. But time is money, and you usually think about data security issues when it’s too late.

Furthermore, The COVID-19 pandemic has unleashed a wave of cyber-attacks. Employees may not be prepared for this, but the company’s IT infrastructure should be.

So if someone makes a mistake, deletes essential business files, drowns the laptop in the tub, or the device gets infected by malware, you need to be sure that the business data is still secure and available. This is what KODO for Endpoints does – it ensures that the data on the device is available and can be restored immediately, no matter what.

 

System administrators and their role in data protection

93% of malware comes from emails – according to Verizon’s report on the data breach. Furthermore, Varonis’ research shows that 41% of companies have over 1,000 sensitive files (ex. credit card numbers, health records) left unprotected.

A system administrator is the gatekeeper of the organization’s IT security, business-critical data, and applications. It is said that if you do not see him often, it means that he does his job well. But have you ever wondered what sysadmin responsibility is?

Among other things, he is responsible for monitoring, maintaining, and upgrading the company’s network infrastructure, computer servers, and virtualization software. Installing and monitoring new systems and applications, as well as servers, devices, and firewalls. Taking care of internal data security.

System administrators do not have an easy life. Especially now, when employees work remotely and use a company and own equipment outside the organization. And cyber-criminals’ activity is overgrowing.

Cybercrime of opportunity

FBI Deputy Assistant Director Tonya Ugoretz said the number of reports has quadrupled compared to months before the pandemic. The COVID-19 incident created excellent opportunities for cyber-criminals, who now more often attack health care sectors and infect remote workers’ devices.

Today, more than ever, we use digital solutions for work, communication, and financial services because we often have no other choice. That is why in times of such increased activity of cyber-criminals, administrators responsible for data security do not have an easy life. Interpol in the report on cyber-security during coronavirus highlights three traps to watch out for.

  • Malicious domains – thousands of new domains related to “coronavirus” appear every day. Unfortunately, they are made to spread malware.
  • Spyware and Trojans have been found embedded in interactive coronavirus maps and websites.
  • Hospitals and public institutions are overwhelmed by a health crisis. That is why their IT infrastructure has become an easy target for ransomware.

Now it’s time to test the Disaster Recovery Plan in your company. Remember that backing up data may be the only chance for immediate recovery in the event of a disaster.

Step towards the shadow IT

 

A few months ago, we faced an unexpected business transformation. Which usually takes several months of planning, preparation, and testing it happened to businesses in a few days. Risk estimation is difficult when a company is using “whatever it takes” to maintain business continuity. Forced (in some way) work from home, employees want to do their job. But even printing documents is a problem when you need to install the printer on a company laptop. So instead of arguing and asking the admin to install a new tool, workers take things in hand.

Shadow IT means that employees use unapproved programs and applications on devices connected to the company’s network. Because they want to perform daily tasks more efficiently, they eventually find a way to overcome all restrictions.

People can be very creative. Unfortunately, they are often not disciplined to comply with security standards (such as using a VPN). That’s why business-critical data can be easily exposed to various threats. Although shadow IT can be minimized, it cannot be eliminated. That’s why backing up data is a much simpler solution than monitoring employee activity, especially remote ones. Data backup is future-proof.

3 things to keep in mind while working from home

When many of us have had to adapt to new working conditions, data protection is becoming a fundamental issue. It’s no secret that the COVID-19 pandemic has revealed many weak links in the processing and storage of confidential business data. What to keep in mind when working from home?

Remember that home networks or other public networks may not meet the required security standards. Therefore, the device is susceptible to unauthorized access to the computer.

Many organizations create data in cloud environments, such as Microsoft 365 or G Suite. This prevents unnecessary downloading of company information to a device. But even data kept in the cloud need backups due to human mistakes.

Employees often share the device with family members. It is not possible to monitor visited pages or clicked links. There is always a risk that a device will be infected with #malware. Automatic backup of critical folders and the ability to instantly restore data is a guarantee of maintaining business continuity.

There are areas where the right software is enough to eliminate these problems, like KODO for Cloud or KODO for Endpoints. In other cases, we need common sense and a bit of knowledge.

Who made these cracks? Things you need to know about SaaS applications

Software as a Service (SaaS) applications have revolutionized the way we work with data, access, and exchange of information. In this model, one can easily create, share, modify the data from any place and device. It’s very comfortable.

However, transferring data between platforms, accessing them from various devices, both private and corporate, and probably from different networks is quite risky. Data is exposed to more types of threats than before. #Malware, accidental or malicious deletions, expired licenses, shadow IT are probably the most common cases. In the Shared Responsibility Model, Microsoft indicates that data safety is on the client’s side. So the infrastructure provider will not take responsibility for:

  • information and data,
  • devices (mobile and PC’s),
  • accounts and identities.

Deleted, encrypted, or corrupted files are unrecoverable unless you have backed them up. With KODO for CLOUD with flexible retention policies, you can be sure that your business data is always available. Even in the event of a disaster or human error.

Cybersecurity predictions 2020

Communication, teamwork, or remote teaching during a pandemic has become a real challenge in the field of cyber-security. No one has ever assumed such radical changes in such a short time. In terms of future, data protection, and maintaining business or institution continuity should be a priority. What is worth paying attention to?

It is estimated that more than half of the workloads are outside the corporate data center. If so, all activities that cut employees from cloud resources are devastating to the company.

Secondly, applications and services running in the SaaS model are, of course, easy to implement on a large scale. Still, a cyber-attack can paralyze the work of entire cities or state institutions. It is worth taking care of data backup.

The massive need for collaboration tools has also revealed many security vulnerabilities. That is why applications such as Slack, Zoom, and Microsoft Teams have become the object of great interest of cyber-criminals. This malicious activity will spread to other popular applications.

That is why it is worth starting to implement a cyber-security strategy by training and making employees aware of potential dangers.

The problems we have mentioned are nothing new, but their scale is now much more substantial. The new model of work and interaction between people and between businesses has shown us many weaknesses of digital tools. But, to the contrary, it proved that it is possible to use them effectively. Can this aggressive paradigm shift be undone? Or have companies noticed that flexibility is the key to survival, and will they use this moment to introduce further changes? Time shall tell.


Drop us a line if you are interested in Microsoft 365 or endpoints data backup and recovery.

Contact us