Azure Helps Secure Regional Franchise After Ransomware Attack; Other Cloud Providers Not as Secure

A ransomware attack means lost business, money, and a scarred reputation. Learn about a regional franchise that was hit by hackers.

Table of Content

    A ransomware attack means lost business, money, and a scarred reputation. When a regional franchise was hit by hackers, they were unable to access data – backups were encrypted as well. The franchise refused to pay the hackers’ ransom, given that there’s no guarantee attackers would return the data (or that the decryption key would recover data back where it was before the attack). According to a 2021 Sophos report, 92% of organizations don’t get all their data back. Only 29% of those organizations that paid recovered even half the encrypted data.

    The franchise was running Microsoft Dynamics GP on-premises to manage accounts payable, with Velosio as its partner. The company reached out to Velosio for guidance and help on recovering data. Velosio recommended that the franchise move its data to Microsoft Azure in the cloud, and within two days, spun up an Azure instance for them.

    Dynamics GP was upgraded to the latest version, and re-deployed in the safe and secure cloud environment. Velosio reconfigured Dynamics GP in the cloud and set up master records. The franchise had to manually re-key vendor information with the paper records that they had, but by day four, had onboarded users into the new environment.

    Replacing Physical Servers

    Apart from the usual risk of ransomware attacks, when you have physical servers, you take on ‘real-world’ risks including damage, destruction, natural disasters, fire, water damage or simply hardware ‘wear and tear.’ On premises servers mean businesses need dedicated IT teams to look after their systems and reduce downtime. They also need separate infrastructure for backup and disaster recovery, which takes a lot of time and money to implement. On-site servers must be patched and updated on a regular basis to lower the risk of cyberattack.

    Business Leader's Guide to RansomwareBusiness Leader's Guide to Ransomware

    Not All Cloud Options Provide Top-Level Security

    In July 2022, US managed service provider NetStandard, providing MyAppsAnywhere cloud services for Dynamics GP, Exchange, SharePoint, and CRM, suffered a cyberattack which shut down their cloud platform. This incident was first reported on Reddit.

    At the time of this article, NetStandard had not released information related to the type of attack that occurred or how the systems were infiltrated, but according to SC Magazine, Phil Neray, VP of Cyber Defense Strategy at CardinalOps, believes the attack likely started through a remove code execution vulnerability on their hosted Exchange servers.  Following the discovery of the breach, MyAppsAnywhere shut down the rest of their servers to avoid further attacks.

    Companies relying on NetStandard and MyAppsAnywhere to host their Microsoft Business Applications are now facing their greatest fear – no access to their systems or data and a complete loss of faith in their hosting provider.

    Azure Benefits

    When it comes to the cloud, it doesn’t get better than Microsoft Azure. After all, its cloud-based services are specifically designed for business. Organizations have the option to go full cloud or follow a hybrid approach, with a gradual transition from on-premises to cloud.

    The regional franchise can now sleep better at night knowing that Azure is more secure than their on-premises solutions. Azure security is second none. Microsoft invests $1 billion ever year into security, which includes protecting Azure.

    Azure Active Directory is a multi-tenant, cloud-based directory and identity management service. It allows IT admins to give employees single sign-on (SSO) access to multiple cloud software-as-a-service (SaaS) applications like SharePoint, Office 365 and more.

    In addition, it offers an extensive suite of identity management services which include:

    • Device registrationMicrosoft Azure Cloud Services for Dynamics 365
    • Multi-factor authentication
    • Role-based access control
    • Self-service group management
    • Application usage monitoring

    These services keep your business secure, ensuring only relevant users have access to your most sensitive information.

    Not only that, but by rejecting physical servers for the cloud you also eliminate the risk of physical security as you don’t have on-premises servers to take care of in your building. Between that and your virtual security, Azure helps secure your business on two fronts to prevent ransomware attacks.

    Where are they now?

    The regional franchise now has the latest version of Microsoft SQL, the newest operating system, and Dynamics GP hosted on Azure. Being on a supported version of Dynamics GP gives them access to hotfixes, updates, tax table changes, and more. The franchise has realized the importance of keeping their information and system up to date.

    Microsoft stands behind its Service Level Agreements, (SLA) which ensure that the franchise has continuous uptime. If Microsoft does not achieve and maintain the Service Levels for each Service as described in their SLA, then the franchise may be eligible for a credit towards a portion of its monthly service fees.

    Field Service Role Based GuideField Service Role Based Guide

    Campfire365 Ep.1 - The Big Disaster: Is Your Organization Ready for the Next Major Catastrophe