B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 7 months ago

Ransomware Solutions and Protecting Office 365


An organization gets hit with ransomware every 11 seconds.

With data dispersed everywhere, it’s become increasingly difficult to know if your data is secure—and how to protect it.

Shelby Skrhak talks with Jeremy Snow, System Engineer at Veritas, and Gus Iannello, Technical Account Manager at Ingram Micro, about:

- The prevalence and impact of ransomware

- The vulnerabilities of Office 365

- Best practices to protect against ransomware

For more information, listen to the last episode with Jeremy and Gus and check out Veritas Ransomware Protection Solutions.

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

Mhm. You're listening to B two B tech talk with ingram Micro, the place to learn about new technology and technological advances before they become mainstream. This podcast is sponsored by ingram Micro's. Imagine next. It's not about the destination, it's about going someplace you never thought possible. Go to imagine next dot ingram micro dot com to find out more. Let's get into it. Welcome to B two B tech talk with ingram Micro. I'm your host, Shelby skirt hawk and our guests today are Jeremy Snow system engineer for veritas and gas. I en ello technical account manager for ingram Micro. Gentlemen welcome. Thanks for having us. Thanks for having us. Shall be. Well. So today we are continuing our conversation about ransomware and also protecting office 365. So here is the fact that I think would keep our listeners up at night. An organization gets hit with ransomware every 11 seconds. So I guess let me ask what and why does that keep you up at night? Sure. Well, you know, that's a question I think a lot of folks are asking is uh, you know, how concerned should I be about ransomware. Right. And I would say, you know, this keeps me up at night because I'm constantly worried about my data and we have data everywhere. Now it's on prem, it's in the cloud, it's on removable storage devices with this decentralized workforce. It's on laptops and peripherals traveling all around and because it's so dispersed, it's become really hard to not only know if your data is secure, but you know, locating vulnerable data that may be exposed to an attack, understanding what data is considered to be sensitive or needs to be brought in to to be compliant with a certain regulation or business standard. And because it is so hard to to understand that about your data now, it's really understand hard to understand what the impact of a ransomware attack will be. And and like you said, ransomware is happening all the time now. So it's not a matter of if, but when you will be hit from ransomware and if you don't have good control of your data, you really aren't sure what the impact will be, whether it's a large financial cost damage to reputation or so bad that you you can't recover from that. Right? Well, you know, having that data distributed uh you know, on the last episode we talked about data silos and dark data and you know, having so much data all over the place that you know, it can be hard to really know the impact until you're in it. And that's not that's not a good strategy because there's certainly you have to be able to plan for those things. So jeremy when you're on the show last time we talked about veritas strategy of protect detect and recover. So essentially this is building that...

...strategy for when ransomware hits and exposes a vulnerability. So can we talk about you, what are some of those high profile ransomware cases that really exposed the blind spots that companies really should keep in mind? Yeah, absolutely. So I mean as you mentioned before, you know, when we spoke about our strategy protect detect and recover, you know, the first step obviously is protect and you know, Gus was talking about it earlier was, you know, you've got to protect your data, that's the first step. You know, when we talk about high profile cases, I mean realistically any business is at risk for ransomware, um any type of business to, you know, Gus was talking about before as well and alluding to is that it could be a reputation of the company, it could just be a financial gain, but you can have large organizations or small organizations and they're gonna come after you, you know, you see different methods of how they do go about this as well. Um you know, a lot of people think that ransomware is based on someone you know behind their computer and sort of hacking away and trying to encrypt maybe your password, but that's not really the case. It's, you know, what they're looking at is potentially weak points and as to your point gaps, you know, vulnerabilities in the system and you know, usually what that is, it's humans, um it's human error. So you know what we see from a let's say we're using Office 3 65 as an example, you know, you're looking at phishing scams which are more generalist sort of emails to gain access and gain trust something that you may be c and it seems familiar to you or spear phishing that directly sort of points towards you. So you could have your actual name involved, some more personal information that they were able to gain on some type of social media. And then at that point you click this and you put in certain information may be a password reset and all of a sudden they have obtained your account and then maybe that's where they're able to bridge in and go in after everyone else as well. And at this point, right, if they get access to your information, your data, they can encrypt all this. And this is at the point where it's at ransomware. So you know, you you see all these large cases, you know, the colonial pipeline being, you know, one big ransomware attack. Another one actually was just reading about, which is funny, which is I think more close around your neighborhood. Gus is the, it was the buffalo public schools. So you know, you you look at one industry which is, you know, fuel, but then you look at the education, I mean they're really coming after anyone where they can get some type of financial gain or some type of, you know, discrediting that company's information, which also is sort of, you know, a financial gain if they're sort of devaluing the company or the company's losing money, some type of financial loss. So again, you know, realistically when it comes down to it is that they'll come after any type of size of organization to get what they want. And you know, a lot of times they're looking at humans to sort of produce that air so they can gain access. Well, you mentioned it, I mean, you know, humans can be the vulnerability and and the the gap that the entry point basically that that you know, these hackers are looking for and you mentioned a good point that these aren't just, you know, an individual behind a computer kind of just, you know, hacking away trying to get into a password. I mean these are...

...sophisticated, very complex organizations that are launching these attacks. So I guess when we look at office 365 and the vulnerabilities that are out there, how vulnerable is it? And what then, are are the solutions that are possible? Well, you know, I think it's it's safe to make the claim. Uh that Office 3 65 is one of if not the most used cloud based application. Right. So it's a complete gold mine of data, especially when you factor in things like teams and one drive like jeremy mentioned uh you know, phishing attacks on email services. So essentially it's a huge target and one of the things that a lot of organized organizations still don't realize is that Microsoft has no responsibility in protecting the data you house in it, this is known as the shared responsibility model and if you look through the Microsoft documentation, they have a chart that has information and data right at the top of it and it states clearly that that is a Microsoft customer is your responsibility to maintain its integrity. And unfortunately there are still organizations out there that have not put solutions in place that protects this data which continually makes them a target. And you know, that's really where solutions like veritas net back up SaS protection comes into play because it is a a solution targeted to protect that data existing in the cloud. And what's cool is that it's cloud native, right? It lives in the cloud so that you have a similar experience with your data protection that you do to these, these SAAS applications, that's why a lot of folks are moving to them, right, You know, not having the physical footprint on site if you don't want it. So putting solutions in place to to really strengthen office 3 65 not only from ransomware but from things like accidental or malicious deletion. Right? You know, we have to protect our data from internal threats just as much as we do external threats. So folks really need to start looking at ways to to secure that data and take more control of it, especially as it expands and it's only going to expand, I wonder if um if either one of you can expand a little bit on those, I mean, so you started to mention the uh you know, either accidental or malicious deletion. What are some of those, you know, again, you know those bullet points of concerns that probably our partners and resellers are hearing most from their clients. Yeah, I mean I guess if you want, I can jump in on that one. No, Absolutely. So you know, uh as Gus was mentioning that, you know, Microsoft is not responsible for any that this type of data if it gets accidentally deleted or if there's any type of ransomware attack and they supply a certain level of infrastructure to create a redundancy. So the services can still keep running but it's entirely up to the customer to protect their data. So, you know, back to either accidental deletion or you know, some type of malicious intent or some type of ransomware attack. Um you obviously...

...need some type of backup strategy in place to protect those workloads. So if I was a partner, I'd be asking my customers right away, I'd be saying, okay, well what are your workloads and and what is your plan right now? How are you protecting that data? A lot of times you're going to see these customers are like, why? You know, I thought that my data was protected since it's up in my car, you know, it's up in Azure and then they protect all this data and you know, and that's not the case. So a lot of times it's more of a, you know, you're educating the customer based on what it's limited to, you know, the defaults as far as if someone does delete a file accidentally, how long do they have to recover? Which is a very short period of time. So these conversations really go into sort of understanding the customer's environment, so understanding what workloads that they currently have in their environment and how if they are, how they're protecting those and then from there. And that's the first step as far as saying, okay, well if you're not protecting those workloads, part of the protect detect and recover, let's work on the protection point. And so you start getting the place as you know, Gus also was mentioning was net backups as protection. You know, being able to back up emails, one dr teams, this type of information where if anything does happen from a ransomware attack to accidental deletion, you'll have something in place to be able to revert back to the last copy in place for potentially several copies back in cases, some type of corruption or needing an older version of that data as well. So I would say definitely the partners is to be having these conversations with their, with their customers and figuring out what their strategy is right now protecting their workloads. Yeah. And I just to add to that uh, you know, we talked a little bit about How officers 65 really is becoming a huge uh silo of data and customers that have specific regulatory concerns or you know, they have standards that they need to meet, really need need to be able to take control of that data. So they continue their regulatory practices that they have on site and on prem on their own uh infrastructure and replicate that in the cloud. You know, always comes to mind is hipaa for me, you know, I did some time working at the Veterans Affairs Hospital and just the amount of sensitive data that these folks work with continuously now that that's being dispersed, you know, into into some cloud elements really does does matter when it comes to making sure that you're following regulatory practices, having tools that provide you the same deeper integration as far as not only back up, but, you know, data tagging or uh discovery classification, etcetera. So there really are more considerations that you you have to think about when it comes to regulatory practices when we're dealing with that data in the cloud. No, it's and I just want to jump in there. And that's a great point gus is that, you know, it's it's one thing to have the data, but to your point, I'm not a lot of customers are actually managing that data properly, whether it be unstructured, unknown data, personal information. Um, we're seeing similar...

...things like GDP are now being sort of mirrored both now in North America at the California Consumer privacy act and different regulatory acts as well. So it's a great point that it's not just about protecting your data but also making sure you're falling into those compliance and that personal information and how it's being handled. What then do you think it is? I guess one of the biggest fallacies you mentioned the fact that there's this assumption that if it's in the cloud, it's backed up. But yeah, that's that's not necessarily the case. Would you say that is probably the biggest education point that you guys are making or are there other kind of blind spots that are really concerning? Yeah, I mean, I would say definitely that's that one of the first ones is that I've been on multiple customer calls. Um and actually that was your first response was, well, you know, I got off at 3 65 in the cloud, so it's all protected and and then, you know, you go through which package they have, they may have any three and 85 you know, we'll bring that stencil and say like this is actually what you're getting um with your subscription and they don't realize that um, you know, that they're not protected if someone gets a hold of these accounts to encrypt their data that they're basically they're stuck. They're at a loss. Um, someone goes and delete this information and they don't react to it quick enough that potentially they might lose that data as well. And of course and any type of ransomware attack? You know, they might gain control of your environment, you know, back to what, you know, Gus was even speaking about is that maybe they take this information of your customers and now they use that personal information. This could be anything from, you know, you know, your personal address, payment information, anything really sore that can ruin someone's credit or potentially just gain other access to these clients. And you know, the ransomware sort of spreads outwards so, and again, of course these are all, you know, fines and, and also probably lawsuits that go against the customer. So I mean it could be a giant mess. So definitely I think educating the customer right away, just seeing what their level of knowledge is. And I always like doing that initially to sort of start off the conversation just saying, you know, what level of protection do you think you have currently with your subscription and then that's where you sort of expose where there's that cloudy area where they weren't really sure as far as what was protected versus what wasn't. Um, and then, you know, you start opening up that whole can of worms of what else, you know, what other type of war close do you think are actually protected that really aren't? Well, uh, when we look at these solutions then um, you mentioned something about educating the companies, but also those companies educating their own users. So along those lines, I mean what are some of the best practices that will really help partners provide real solutions for their clients jeremy? Yeah, so I mean from a practice standpoint, obviously, you know, when we talk about, you know, and we see a lot of this internal training at least happening within the within companies and even my company as well is that you know, there's no shortage of training when it comes to protecting against ransomware. So internally from a training perspective it's it's more about...

...knowing exactly the content that's being sent to you. Never never clicking something that you're not 100% aware of. So right away as you said, you know, the biggest weakness is the human unfortunately, you know, we have high levels of encryption data at rest data in transit, you know, you have, you know, single sign on services, you have multi factor authentication, these are all great and these are all methods to protect against ransomware, but at the same time if anyone is able to gain access to your account or a high level account, all that encrypt, all that encryption is basically pointless. So the first thing is the first line of defense is is training your employees first as far as how do I prevent this sort of question emails if you're on the fence or you're not 100% sure is what to do next. Right. Do you flag it and report it to your security team. But these are, you know, there's also an additional enablement on this where employees will get that type of training? Well, so um as we start to wrap up this episode, um you know, you guys have your, your pulse on, on cybersecurity and ransomware and so I'd love to uh either expand on what you guys had mentioned last time as where you see technology going in the next year or maybe focus in on something that you've mentioned today. So jeremy, I'm gonna start with you. Where do you see technology going in the next year? Yeah, no, absolutely. Um you know, it's a great question and it's funny, I think about this almost on a weekly basis and I projected based on the the calls that I have with customers in the discussions. You know, if you looked at anything like our topic today, about office 365, a lot of our mailboxes were actually, you know, located on prem on servers. Um, we're seeing most of our customers and clients now going up to the cloud. So if there's one thing that I can sort of, you know, highlight is that we are seeing more workloads if they can be migrated to the cloud that they will. So definitely from an Office 3 65 perspective, we're seeing a lot of people adopt that from a workload perspective, you know, whether it's data center is trying to move specific workloads off their hardware, this is another point, we're seeing a lot of customers start evaluating, you know, if they can, from a compliance perspective, some, you know, governments want to keep their traffic all sort of siloed in a data center and they don't want it up in the public cloud. But what we're seeing is a lot of customers evaluating that and the costs associated to maintaining this on a data center versus not worrying about, you know, having to do perform the upgrades on the servers and maintain a certain level at the data center level, but just saying, you know what, let's put the servers up there and run our applications and let's just worry about the application. So I'm seeing a lot of, you know, and with Covid as well, right, with remote working, this is one of the big pushes, I saw at least the beginning of Covid was, you know, people are like, okay, well we can't come to the data center, but having, you know, something in the cloud where you can work around makes life a lot easier. So, you know, that sort of factors in for the remote working. So, um, anything adopting cloud, as long as it's sort of balances with budget, I think you've seen a lot of work clothes go there, guess how about you? Um, well, you know, I I really believe that there is going to be a renewed...

...focus on the, not only just the security side of things, but specifically the data protection. Right? Because when you're, when you're talking about security, obviously people think firewall, they think, you know, virus detection or ransomware detection, et cetera. And that is a huge, huge piece of it. But the data protection peace and whether it's backup or disaster recovery is just important. It's a it's a 12 punch if you will. And you know, in the past, when you talk to folks about backup or just general data protection there, you know, attitude towards it was kind of well, yeah, we have a solution that backs up our data were good, but now with how sophisticated ransomware has become and how frequent the attacks are, not only happening, but changing and and really evolving into becoming more of an issue to deal with that old backup methods really aren't secure enough to keep your data protected folks really need to consider what they're doing with their backups and and their data protection strategy so that it's modernized to handle these these new threats, you know, they need solution or backup solutions that work with things like immutable storage so that their backups cannot be compromised. They need to have backup solutions that have some level of ability to do things like threat detection or audit access to the backup systems so that we can have better controls about who's accessing our backup information restricting access right role based access, so that we can bring more folks into the backup process to help provide some efficiency and optimization, but at the same time make sure that they can't access the certain things that we don't want them to access. So, you know, folks who have a backup solution in place today, you know, in a year from now, maybe looking to switch vendors or look for other other solutions within the vendors that they're utilizing, They provide these this functionality so that they really do have a strong protection plan and they're making sure that when ransomware does get in because like we talked about earlier, it's really a manager of when we can recover and we can recover quickly and they need to go with vendors that have a really good track record hint, hint and gus you brought up a good point. But you know, I think, you know, as we see a lot of these regulatory acts as far as how your data is handled, the fines associated with these are, I guess let's call it motivating um, you know, customers to properly, you know, make sure everything's in check because, you know, go online, you'll see some of the bigger organizations, you know, like facebook getting hit with some of these fines and they're they're not cheap. So I I think this is sort of putting in perspective and sort of exposing an issue where personal information now is starting to try to be handled a bit better and and sort of locking down your infrastructure, you mean meta. Right. My facebook Exactly, exactly.

We're going to take on Well that's a really great point jeremy especially when you factor in how much data growth is going to happen, not only just the next year, the next five years I talked to customers a lot and one of the biggest challenges they have is is auditing their data right. So they may have tools in place that they can pull all the data that they need to do an audit but they don't have the right tools to to really sift through that data to see, not even just from a compliance standpoint, but like a business efficiency standpoint, right? You know, is everything have business value. Am I holding onto the right things. Am I getting rid of the right stuff? Are my storing everything as efficiently as possible. So these are these are all considerations that moving forward as data grows, you know, protection is a huge piece of it. But smart insights and audit capabilities into data and making decisions about it consistently are going to be really important to be competitive. Yeah. And just to sort of finalize on that and I swear I'll be quite after that. But you know, you brought up a good point that reminded me also that now we're starting to see specific insurance associated to ransomware. So we actually see customers now that are trying to get ransomware insurance in case they're hit with ransomware and a lot of these analytics and having deeper visibility of your infrastructure to show to the insurance company stating that, you know, this is how we're sort of securing our data and a full report. This helps reduce that insurance. Um, so this is another topic that you know, that I've actually seen come up a few times now in the last few months. So you know, another thing that might come up, but I mean these are all sort of directing towards obviously having a better picture, a better plan of your environment in a ransomware protection for sure. There might be an interesting podcast in the future. Absolutely. Well, if our listeners want to find out more about what we talked about today, how can they reach out? Sure. Well, you know, if they'd like to reach out to me uh Gus Ionela at ingram micro dot com, I'd be happy to to provide them some more information, jeremy and I work very closely together, you know, him being on the veritas side, me being internal to ingram. So yeah, we can provide any information on specific solutions. You know, even if if partners just want to talk conceptually right now about how they can build or play or strategy to help their customers with these types of challenges. Be happy to assist. Yeah. And on my end uh you know, if anyone needs me from my side as well, it's jeremy dot snow at veritas dot com. But you know, I just mentioned we work closely together so you get a hold of one of us will be happy to jump on a call and have a nice discussion on this fantastic stuff, Jeremy and Gus, thank you so much for joining me. Thanks for having us. Thank thank you for having us and thank you listeners for tuning in and subscribing to B two B tech talk with ingram Micro if you like this episode or have a question, please join the discussion on twitter with the hashtag B two B tech talk. Until next time I'm Shelby skirt hawk. You've been...

...listening to B two B tech talk with ingram Micro. This episode was sponsored by ingram Micro's. Imagine Next B two B Tech talk is a joint production with sweet fish Media and Anger Micro. To not miss an episode. Subscribe today to your favorite podcast platform. Mhm.

In-Stream Audio Search


Search across all episodes within this podcast

Episodes (407)