Garrett O’Hara is the Chief Field Technologist, APAC at Mimecast having joined in 2015 with the opening of the Sydney office, leading the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies and is a regular industry commentator on the cyber security landscape, data assurance approaches and business continuity.
Prevent cyber risks by not putting your eggs in everyone else’s basket.
Australia is now well-served with cloud services providers, with Amazon and Microsoft Azure now located onshore. However, the tendencies of some organisations to rely exclusively on single cloud service providers for day-to-day operations have exposed them to undue risk. With services such as Office 365, they are not only putting all their eggs in one basket: they are putting all their eggs in the same basket that everyone else is putting all their eggs.
The volume of users on cloud-based email services such as Office 365 means there is more malware created for these environments. Criminals know they have only one lock to pick to gain access, so they focus their attention on these email cloud services because of the potentially large payoff.
As more businesses move email and data to Office 365, there’s an increased need to protect against malicious or accidental loss of data. Our March 2019 Email Security Risk Assessment (ESRA) report, an aggregated analysis of tests that measure the efficacy of widely-used email security systems globally, including Office 365, illustrated the scope of the problem. Of the more than 232 million emails inspected, existing email security systems missed more than 26,000 malware attachments, 53,000 impersonation attacks and 23,000 dangerous file types.
What You Really Get From Office 365
Microsoft offers certain data protection capabilities as part of its Office 365 services, which are designed to protect against data loss caused by its own infrastructure failing. But these services don't always offer protection against accidental deletion, data corruption, advanced cyberattacks or malicious users or administrators. These can often lead to downtime which can bring business operations to a standstill. Email continuity is essential to any efforts to maintain productivity but is not always achievable when all business-critical applications run on a single cloud provider’s infrastructure.
It’s not only email data breaches, human error or technical error that can cause downtime for an organisation. Well-reported and widespread Office 365 outages — one of which took place in Europe in mid-January — highlight what can happen when email data becomes unavailable. Outages pose serious productivity risks to users who rely on SaaS monocultures to support their operations.
Even more concerning is the possibility that employees will turn to their unsecure personal Gmail or Yahoo Mail accounts when Office 365 goes offline. You then have absolutely no control over email activity.
Important data stored on Office 365 can also be lost due to accidental or malicious deletion or ransomware. If you don’t have an independent backup in place, and deleted data passes through short term folders such as the Recycle Bin, Deleted Items folders or retention policies without being recovered, it is lost forever.
How Can You Improve Cloud Email Resilience?
To mitigate the cyber risks associated with cloud services, organisations should look to improve their cyber resilience. An effective cyber resilience strategy should include layered security protection, independent data storage and alternative access routes to key systems like email, for when the worst does occur.
The cyber resilience strategy should further include a backup and recovery plan. This was always a priority for organisations when their systems were on-premises. The fact that data is now in the cloud does not change this.
Recent Osterman Research titled Why Your Company Needs Third-Party Solutions for Office 365, indicates that organisations globally are starting to supplement the service with third-party products to achieve cyber resilience. The study found that nearly one-third of organisations implementing Office 365 plan to use third-party solutions that will provide improved security, archiving or other capabilities, rather than relying on what is available natively in Office 365. In fact, 37% of the typical Office 365 budget in 2019 will be spent on a cheaper plan in conjunction with third-party security, archiving and other solutions.
Increased adoption of email cloud services is a welcome development especially in the small-to-medium business sector and will support these organisations as they strive for greater agility and scalability. But putting all your eggs in one basket—the same basket as everyone else—leaves you exposed to a broad range of cyber risks that can have a debilitating effect on your operations.
Using a third-party provider and having an effective cyber resilience strategy provides a safety net and enables you to quickly return to standard operations without losing critical data or productivity.
This article was adapted from one published here.