Office 365: The Impact, Prevention, and Recovery
If you have read the other articles in this series. You will know about Office 365, and you will know about the shared responsibility model. (If you missed the last two article entries find them in the hyperlinks in the sentence before.) So, you know about the shared responsibility model and how secure Microsoft keep their share of the responsibility. What would the impact be if you were not to play your part as sufficiently? In this article, we will look at the potential impact of when things do go wrong. After that, we will look at prevention & recovery, and the things we can do to try and lessen the damage.
Imagine the following: You have been using Office 365 for a year or so. During that period, your workflow and processes have migrated over to Microsoft’s cloud, due to it all being stored on your OneDrive. Things run smoothly and collaboration is great, but what happens if some data is irretrievably lost? Well, if that is just one document or folder? The chances are that the repercussions will be to rework what is missing and maybe some delays to a single project. This would most usually be the result of an in-house error. The impact won’t be negligible, but chances are you can keep it under control. The impact on your business won’t be too disastrous.
What happens if it is more than that? We shall use an example we have come across before. Imagine your network has been the victim of a cyber-attack. The hacker gains full access and shuts down all vital components including emails and e-phone (VoIP) lines. There is no sufficient recovery in place. No matter what attempts to recover, only the hacker can determine the companies fate due to an insufficient back. Supply chains are locked off, contact with suppliers and customers is made impossible. The only option is to create secondary public email accounts (Gmail, Yahoo, basic Outlook) and manually start the process of contacting customers and suppliers – having to explain why you disappeared from the face of the earth. In this example, the company was offline for over two weeks. Do you think your company could survive this? Two weeks with no work, probably resulting in no profits and maybe losses. Then ruin to reputation on top? Chances are smaller companies wouldn’t last and bigger companies may survive, but unless they were a mega-company the damage to the brand may be irreparable. However, we must admit this is a worst-case scenario, two weeks down IS a serious cyber incident. So, what do the numbers tell us about the average case scenario?
“Gartner’s 2019 study estimated that by 2022 70% of all organisations will have suffered a business disruption due to data loss using a SaaS-based offering.”
The chances are then it’s a matter of when not if you will experience some form of disruption. But what do the numbers tell us about the impact of such a disruption?
KPMG’s 2015 – Small Business Reputation & The Cyber Risk shows us that:
- 89% of small businesses who experienced a breach said it impacted their reputation.
- 31% of SME’s saw a negative impact on their brand
- 30% reported a loss of clients due to the breach
- 29% reported a reduction in new business following the breach
This shows just how much damage a breach really can do to your business. With more and more legislation around the protection of data these numbers surely would have increased, we await newer studies for evidence of this.
The chance of a negative impact on your business then is something that must be considered greatly. At this point, it’s worth pointing out again, that issues will very rarely occur as the result of Microsoft. In this case then to aid prevention, what can you do to be as dedicated to security as Microsoft are?
The first place to start is with regular training and testing of your employees. The number one way hackers will infiltrate today is through phishing scams. Phishing, for those who don’t know, is where a hacker pretends to be someone within an organisation. Using emotional triggers to trick someone into giving access, unaware of the hacker’s presence, they believe it is someone they can trust. Constantly training your staff on the most up to date schemes, running mock phishes to test just how prepared they are is key. Partner this with a phishing and spam filter and you will be well on your way to achieving ultimate resilience. On top of this, a password manager is another great tool. If best practices are followed, no one should be using the same password for any account. All passwords should be as long as allowed for that specific account. Created randomly using the password manager, with a combination of letters, numbers, and symbols. This can then be stored in the password manager. It doesn’t need to be memorable as the password manager does that job for you!
Another step to take would be to have a rigid hierarchy of admin rights and privileges. There is no need to give employees access to files they don’t need access to. No matter how trustworthy! You are not only stopping that individual from accessing said files, but you are also stopping anyone who gains unauthorised access to that individual’s account, like a hacker. That new low-level sales rep? No matter how good and trustworthy they are, they don’t need to see anything related to numbers and finance. Additionally, any project not related to them don’t let them have access. This will help to build up your resilience and not allow any back door activity to go on. Finally, use a system tracker that flags up any unusual behaviour. These tools can tell when a user is doing something uncommon and will need admin rights to allow them to proceed. An example of what it may flag up is when an employee randomly starts to delete a lot of files. It may seem annoying to have to sign off when things are being mass deleted as planned, but in the event, this was not supposed to happen, you will soon be thankful that the process was put in place. These are just some of the key practices you can put in place for optimum security. To discuss these in more detail, as well as learn even more steps that can be put in place. Contact us when you’re ready, we can run a review and ensure you are as resilient as possible.
For when prevention does fail, recovery options need to be put in place as a fail-safe. But what do recovery best practices look like? The two key factors are the recovery point and the recovery time objective. To know what best practice looks like for you, you, therefore, need to ask yourselves: How much data can I afford to lose? & How long can you wait to be fully operational? Different companies will find different answers to those questions, and it will impact your business continuity planning. This, in turn, will then influence your disaster recovery plan, how many back-ups you have and how many providers you use. Those who practice the utmost best recovery practices will always have more than one backup file, with different providers. This will result in the shortest time to get back fully operational, and usually mean less data was lost. To improve how much data is lost even more we advise making sure you have backups saved at regular intervals. This could be at the end of every day or the end of every week depending on your business. Any longer and issues will most definitely start to arise. Saying that however, of course, be aware that the more regularly you back up the more storage you will need to have allocated. Some providers do not offer unlimited storage so always be conscious of which additional cloud providers you use and the package you are on.
On top of this, to be even more like Microsoft, make sure you heavily analyse when something does go wrong. Find out the who’s, what’s and how’s of the cyber-attack. Make sure that none of the reasons for the attack can occur again. Whilst doing so you may even uncover further hidden vulnerabilities so the most thorough of audits are always advised. Want any more advice on best practices for recovery? Head over to our website or send us a message on Linked In. We will organise a review at your earliest convenience, making sure your business continuity plan and disaster recovery options are the right solutions for your business.
Office 365 really is one of the best app suites out there. With multiple packages for businesses and enterprises, there is an offering for any company. From one-man-bands up to the largest of corporations, Office 365 will have an offering just right for you. On top of that, it’s supremely secure from Microsoft’s side and with the right tools and practices can be super secure all around. All of that makes Office 365 sound foolproof, but always remember disasters can occur. Whether the source is internal or external you can never be complacent and rely too heavily on Microsoft. Always remember that the data is your responsibility, so treat it as the sensitive data that it is. Business continuity plans will still need to be put in place; without them, your reputation could be severely damaged.
We hope between our article series and webinar, you now feel you know all you need to on office 365. However, we appreciate there really is a lot of information to take in. With so many apps, that can be utilised in different ways it can even for the most tech-literate people be hard to truly understand what is right for you? At IQ in IT we take our devotion to tech to a different level and navigating through things like this is our second nature. If you have any questions don’t hesitate to get in touch. Whether it’s you want to know what Office 365 package is right for you? Maybe you already are using Office 365 but feel it can be streamlined even more? It could be you want to know more about recovery and backup? Or do you feel you need to improve those security practices? There really is so much to consider and this is just on Office 365 alone. Don’t let the tech get the best of you, you should be getting the best out of it! So, get in contact, we can start you on your journey into technology success today. After all, we can make the world of tech work for any business.
About the Author
Juri Weidenkeller is the Head of Business Development at IQ in IT. His IT career began at a cyber security vendor. He worked with 400 different IT support companies and managed services providers across the UK and Germany before joining IQ in IT in 2021. His interest is in operation excellence, making the most out of technology, security and good customer relationships.
If you want to learn more on that topic, ask Juri a question (about his name for example) or if you have any other questions, don’t hesitate to get in touch. There is a “Schedule Online” button in the top right corner of this page that leads you to our calendars. Or ping us a message through the comments.