Should you pay a ransom for a ransomware attack?
How much prep work does a wannabe cybercriminal need to set off a ransomware attack?
Who/what are the targets of ransomware?
These are just some of the questions and topics explored in the recent 60 Minutes feature, Ransomware: How Cybercriminals Hold Data Hostage.
What is ransomware?
Ransomware is a cyberattack that encrypts your computer system’s data, rendering it useless. The criminals ask for a ransom amount, typically in hard-to-trace cryptocurrency, in exchange for decryption keys that will reverse the encryption process.
Ransomware is a serious threat to businesses and organizations large and small.
Credibility keeps the ransomware machine going
Should you pay a ransomware ransom if you get infected?
Some experts believe paying a ransomware ransom may actually be best if you have no other recourse.
Take Leeds, Alabama, for example. The cybercriminals asked for $60,000 and Mayor David Miller said they negotiated down to $6,000. He claims that payment got them keys to decrypt the files that were held hostage.
The City of Atlanta, attacked shortly afterward with ransomware, refused to pay the $50,000 ransom on their encrypted data. As a result, they had to pay millions in recovery.
“Honor” among cybercriminals helps keep the money coming in. If the decryption keys never worked, people would stop paying.
However, take note that there are many businesses who paid the ransom and either got useless decryption keys or none at all!
5 minutes to execute a ransomware attack
Slightly over five minutes: That’s how long it took Tom Pace, a guest security expert in the 60 Minutes feature, to log in to a ransomware-for-rent website and successfully attack and encrypt a test network.
Yes, five minutes.
Pace did not write a single line of code in the process.
Phone, devices, IoT
Cybercriminals target business and organizations of all sizes, from “little” Leeds, Alabama to “great big” Atlanta.
Hospitals, municipalities, large corporations, and mom-and-pop shops — they’re all fair game.
As more and more devices tap in to the internet, expect to see attacks on those as well.
This so-called IoT, or Internet of Things, could present many security challenges.
Imagine phones and other devices held for ransom… or used to control other devices.
Security forevermore
“Ransomware will be a fixture in the internet-connected digital world for the foreseeable future,” said Brian Walker. “Computer users and those who protect them must remain vigilant against existing and future threats.”
The best defense against ransomware is layered security. Since there’s not one single appliance or software that can provide an impenetrable barrier against threats, having multiple barriers can make it more difficult for attackers to get through.
The ultimate failsafe against infection is a solid backup and business continuity plan in place.
Even with the best security in place, a single user mistake or lapse in judgment can allow the bad stuff in.
“Indeed, user awareness will be a key weapon against cyberattacks,” stressed Walker.
“For a free ransomware/security consultation, Thrive can help. ”
Cybercriminals Targeting Lower-Level EmployeesCybercriminals are constantly shifting their tactics.
As security vendors, business owners, and cybersecurity professionals mobilize to shore up vulnerabilities and bolster network defenses to withstand the latest threats, cybercriminals counter by altering their strategies. As the good guys move likewise, the bad guys try something new and unexpected.
Think of an insane chess game where what’s at stake is your data, the lifeblood of the modern business. If you’re forced to a checkmate, you may very well find yourselves out of business.
Lower-level employees, high-priority targets
As security measures improve, and executives and business owners get up to speed with the big threats, cybercriminals are shifting their methods. Their latest tactic is to hit rank and file employees en masse. These folks typically don’t have extensive training in cybersecurity trends.
Per Proofpoint’s Protecting People Report, about a third of phishing attacks target generic company emails (think info@ or sales@).
The precision strike mentality of some sophisticated cyberattack campaigns seems to be ignored (at least for the time being) in favor of blanket attacks targeting six or more recipients. The report mentioned 80% of the organizations experienced these types of mass attacks.
40% of the organizations in the report were on the receiving end of 50 or more phishing attacks.
Security and user awareness are vital
No longer can the security conversation be put off to a later date.
Every business, whether large or small, needs to put security and user awareness at the forefront of their priorities.
“All it takes is one employee to click the wrong thing and your systems can be shut down,” said Brian Walker, VP of Southern Region at Thrive. “Nasty malware such as Emotet and TrickBot can spread rapidly and cause a nightmare scenario.”
“Email continues to be a large attack vector,” said Aaron Allen. “Thrive can provide services and training to help prevent system infection. Our security experts have done battle with the common strains, and we’ve developed exclusive security ‘recipes’ to combat them.”
“For the ultimate in security and IT management, contact Thrive,” said Walker. “We’ll handle all your IT (hardware and software) and cybersecurity for one fixed fee. “
Stressed Taxpayers Bombarded with Scam EmailsA scam email campaign is being blasted out, preying on taxpayers weary of the trials and tribulations of tax preparation. This particular email hits at the common fear taxpayers have of making a grievous mistake in their tax returns and incurring the wrath of the IRS.
WannaCry revisited?
The email begins with the statement, “Forward this mail to whoever is important in your company and can make decision.”
The attackers say they have evidence of tax evasion or other fraudulent tax-related activities.
The email goes on to warn the victim that they will be on the receiving end of a cyber attack onslaught, including a DDoS attack and the dreaded WannaCry ransomware, if they don’t comply with the attackers’ demands.
The attackers are asking for two bitcoins, which is roughly $10,000. Cryptocurrency has become the payment method of choice of cybercriminals due to its untraceable nature.
What they’re demanding is essentially hush money for the supposed illicit financial activity. This concept is quite similar to other scam campaigns, such as those where attackers claim they have evidence of infidelity or webcam footage of you.
Phishy red flags
Right of the bat, there’s evidence of a scam. The attackers are fishing (phishing?) for the person in charge. They don’t know. If they have this supposed tax evasion evidence, they would most certainly know what’s going on.
They make mention of intercepted documents and data, but these are extremely vague statements.
A classic pressure tactic is to mention a countdown. The attackers claim they can see when a message is opened and will start the march towards the infection deadline when this happens. The attackers want you in a state of panic so you may be more apt to perform rash actions.
There’s nothing in the samples found by security researchers that shows any specificity, just blanket statements. This is a classic scam email, and it should be avoided.
Staying safe
User awareness and basic cybersecurity training is a must for all businesses.
“If you own a business, you absolutely have to educate yourself and your staff on current cyber threats,” said Brian Walker. “All it takes is one user to make a mistake for a cyber incident to occur. We’ve seen this happen over and over.”
“Thrive provides many security services, such as managed firewalls, backups, and enhanced breach protection at the DNS level,” said Aaron Allen. “We also provide security training for your staff, as well as phishing and penetration testing to evaluate your susceptibility to attack.”
Thrive’s security testing can indeed illuminate heretofore unidentified attack vectors, and many of our customers have benefited from the knowledge gleaned during these tests.
“For the ultimate in IT security and service, trust Thrive.” said Walker. “We’ll handle all your IT and network security for one fixed fee. Contact us today!”
Don’t Get Tricked by TrickBot!
As we near Tax Day, a potent, tax-themed malware campaign is heating up, looking to snare unwary filers.
TrickBot, data-nabbing malware
Tax season can certainly be a stressful period. Filling out forms chockful of fields and rifling through boxes trying to find the final receipts needed for your HSA claim can leave you frazzled. Hackers are banking on this and the fact that financial forms and tax correspondence have a high chance of catching your eye when you’re scanning your inbox and separating the wheat from the chaff.
TrickBot, developed in 2016, is a fairly recent trojan that infects Windows PCs. It targets banks, purloins sensitive data and credentials, and can even steal from Bitcoin wallets. Needless to say, the TrickBot masterminds are financially motivated. They show a flair for constant innovation in the way of new features and enhancements in their product, and that’s bad news for computer users.
Ever-evolving social engineering
This latest tax season TrickBot campaign utilizes malspam and social engineering to trick filers into opening the attached malicious Excel document. The email may appear to come from ADP, Paychex, Intuit, or even the IRS itself.
Attackers are getting better at making their malicious replicas look authentic. However, with careful scrutiny, one will likely notice the hallmarks of malicious correspondence. Many attackers are foreign, thus there’s typically a sprinkling of grammatical errors or awkward phrasing.
One should also examine the email sender address. See a fishy-sounding or outright cryptic domain? Steer clear from that email.
TrickBot infection: hard to detect
TrickBot is a bundle of modules, each with its own specialty, such as propagation, encryption, and credential theft.
After infecting the computer, the malware will look for targets in the network. Financial information, tax documents, and account credentials are located and sent back to the attackers.
The average user may not even be aware their system has been infected. Astute network admins, however, will more than likely notice some abnormal activity in the form of unusual traffic and attempts by the malware to communicate with the TrickBot command and control servers.
Staying safe
Even if things look legit in an email, you may still have a funny feeling about it. If that’s the case, trust your instincts. Get the advice of your IT department or managed security provider before proceeding further.
Alternatively, you can reach out to the sender via another channel: a separate email, a contact form on the company’s website, or a phone call.
“If you own a business, network security is an absolute must,” said Brian Walker. “Since there’s no single piece of hardware or software that can block all possible threats, layering up your defensive measures is a good policy.”
“Thrive provides many security services to help keep your data safe,” said Aaron Allen. “Thrive provides proactive IT monitoring to detect unusual network activity. InDefend, one of our newer products, helps block communication to the dark web and malware command and control servers by protecting at the DNS level. Our mature business continuity service, is the perfect last line of defense, allowing you to restore data in the event of total network disaster.”
“Thrive will handle all your IT and network security for one fixed fee. Contact us today.”
Ten Types of Computer Networks: An Easy A-Z GuideWe make connections on networks every day, whether it’s your own network, or someone else’s. Whether visiting your favorite website, downloading a PDF, or printing a document, each requires a network to get you there. But with so many variations, it can become a bit confusing. This simple guide breaks down the ten most popular types of networks, and how they are used.
1. Campus Area Network (CAN)
The network for education.
Found in: Universities, large K-12 school districts.
Used for: Sharing information and resources across several buildings in close proximity to one another.
Consists of: A number of interconnected local area networks (LANs) to increase geographical reach.
2. Enterprise Private Network (EPN)
A companies personal network.
Found in: Various organizations.
Used for: Securely connecting shared computer resources across a number of disparate offices.
Consists of: Infrastructure built and owned by the business using it.
3. Local Area Network (LAN)
The most common type of network
Found in: Medium and large organizations.
Used for: Sharing information and resources within a building or between a group of buildings located near one another.
Consists of: A group of connected computers and low-voltage devices.
4. Metropolitan Area Network (MAN)
Similar to, but larger than, a LAN.
Found in: Towns and cities.
Used for: Sharing information and resources across an entire metropolitan area.
Consists of: A group of connected computers usually owned and operated by a single person or company.
5. Passive Optical LAN (POLAN)
The next generation design for LANs—and a money and space-saver.
Found in: Indoor network architectures, small campus networks, and multi-story buildings.
Used for: Upgrading legacy, copper-laden architecture, reducing complexity, and increasing performance.
Consists of: Rack-mount patch panels and cassette-style splitters that integrate with an Ethernet network.
6. Personal Area Network (PAN)
You probably use one every day.
Found in: Homes or small offices.
Used for: One person.
Consists of: A wireless modem, personal device (computer or mobile), printer, etc.
7. Storage Area Network (SAN)
A dedicated high-speed network of storage devices that is accessible to multiple servers.
Found in: Mostly large organizations (due to expense and management complexity).
Used for: Providing fast local network performance.
Consists of: Interconnected hosts, switches, and storage devices.
8. Virtual Private Network (VPN)
A service used to encrypt data-in-flight.
Found in: PCs, laptops, smartphones, and other mobile devices.
Used for: Obscuring the content of your traffic from your internet service provider or public WiFi provider.
Consists of: Downloadable software applications.
9. Wide Area Network (WAN)
The most basic example of a WAN? The internet itself!
Found in: A wide variety of locations around the world.
Used for: Connecting computers across long physical distances, even overseas (ATMs are another good example).
Consists of: It varies; WANs can connect using the internet, leased lines, or satellite links.
10. Wireless Local Area Network (WLAN)
Otherwise known as Wi-Fi.
Found in: Restaurants, hotels, hospitals, you name it.
Used for: Sharing information and resources within a building, or between a group of buildings located near one another.
Consists of: Wireless technology; unlike a LAN, no physical cables are needed to connect.
We hope you found this guide useful. For weekly cloud-based stories and more, check out the Thrive Blog. And if you are interested in learning more about Thrive’s comprehensive IT services, contact us here.
Ryuk Ransomware Disrupts Major U.S. Newspaper ProductionThe New Year is here, and the ransomware scourge shows no signs of abating.
Over the past weekend, a major newspaper publisher experienced a server outage that interrupted the production and distribution of U.S. newspapers including The New York Times, The Wall Street Journal, Los Angeles Times, and Chicago Tribune.
It’s suspected the source of the server outage and disruption is ransomware. Several sources have indicated corrupted files with the .ryk extension were found. This is the calling card for the Ryuk ransomware strain.
What is ransomware?
Ransomware is a digital menace carried out by cybercriminals. Ransomware seeks to hold a computer’s data for ransom by encrypting it, rendering it unusable.
The cybercriminals will then request a payment, typically in cryptocurrency, for the decryption of the files.
Paying the ransom is a risky proposition, as there are many reports where the cybercriminals don’t uphold their part of the bargain. You’d also be encouraging the cycle of ransomware to continue.
Unfortunately for some businesses, paying the ransom may be necessary, especially for those with no proper data backups and with encrypted data that’s mission critical.
Malicious emails continue to be a major security concern
Malicious emails or spam (malspam) is one of the main sources of ransomware infection. These types of emails can contain links to malicious sites or have attachments (such as Microsoft Word documents) that will infect upon opening them.
Though scams in the past may have been relatively easy to spot, modern attacks can be hard to detect. Cybercriminals are using social engineering to tailor the attacks to their victims. Emails can contain industry-specific lingo that jive with a target’s line of businesses, or may appear to come from a service or individual they currently interact with. The emails can include branding and graphics that make the scam even more difficult to discern as bogus.
Ryuk, ransomware tailor-made for targeted attacks
Ryuk appears to be a ransomware strain that’s engineered for extremely tailored, small-scale attacks. The encryption scheme seems to seek out the integral resources of a system. Some of the operation also appears to be carried out manually. Thus, the attackers behind the Ryuk attacks are probably highly experienced and not the type of neophyte cybercriminals who rely on crimeware, or exploit kits that are offered for sale by their programmers.
How to stay safe in the ransomware age
A layered approach to security is one of the best ways to stay protected against cyber threats like ransomware.
Businesses must invest in appropriate network security, including antivirus software and firewall hardware, for a proper foundation of security. Specialized security, such as protection at the DNS layer, is very welcome.
Business owners and IT personnel should educate employees on the current ransomware trends and tactics.
“Think before you click” is an appropriate mantra to keep in mind when surfing online or going through your daily emails.
If something looks suspicious, it probably is bad. If you need to verify a communication’s authenticity, contact the sender directly via their website, a separate email, or even phone.
Data backup: the ultimate insurance policy
A secure backup is the ultimate last line of defense. When your security layers fail, a good backup and timely restore can mean the difference between getting back to business and possibly going out of business.
Need weapons-grade data backup to keep your business protected from ransomware and other threats?
Thrive’s DRaaS is a mature backup, business continuity, and disaster recovery service fully managed by us. Data is securely backed up, and offsite replication in our data centers helps ensure that data stays alive.
With backups as often as every 15 minutes, and up to a years’ worth of backups, you can have the confidence of being able to restore mission-critical data in the event of total disaster.
Contact us today for a consultation.
How do you choose an MSP that’s right for you?We explore four simple tasks you can complete that will help you choose the right Managed Service Provider
There’s no shortage of Managed Service Providers on the market, all willing and eager to do business; but how do you ensure that the one you choose is ‘the right fit’ with your organisation? Here are four simple tasks you can complete that will help you pick the MSP that’s right for you.
Set your objectives
Before you start your search for an MSP, you need to build a clear picture of what you’re looking to achieve. Most often there will be a problem that needs solving, or a gap in skills or resource that you cannot handle internally. You may also want to leverage new technologies to facilitate digital transformation, or simply relieve the burden on your IT team.
Be sure to set clear objectives that you can use to benchmark success. These will form your brief, which you can then share with prospective MSPs.
Do your due diligence
Not all MSPs were created equal and conducting thorough due diligence allows you to quickly qualify prospective partners in and out. Build a list of questions that covers a range of topics including: their ability to understand your brief, financial stability, processes and service investments You can then assess their responses and shortlist those you are confident in.
Get to know your MSP
As you’ll be working with your new MSP for years to come, as well as placing a large amount of trust in them, you should take the time to get to know them. Speak to them about a range of topics, especially around their security policies and if they support hybrid infrastructure. You should also ask about their ethos and values as a company and the SLAs they offer.
Make sure the strategy fits – now and in future
What you require of your IT infrastructure will change over time, so you need to make sure your MSP can evolve with you. Ensure you share your technology roadmap with them and, if possible, get them to share theirs with you. That way, you can be confident that your infrastructure is safe for the years ahead.
The important role of back-up in IT securityRusty King, Thrive’s CTO in the European Division, explains why organisations should include back-up as part of their cyber security strategy.
At the recent Cyber Incursion conference, Rusty King, Thrive’s CTO in the European Division, explained our security proposition and why back-up is a particularly important part of it.
“In the face of a changing security landscape, it’s crucial to have two things: robust protection for your IT assets and rapid, reliable and secure access to your data and applications whenever you need it.” King explained, “without these, you can’t guarantee business continuity and you’re exposing your organisation to unnecessary risk.”
It should go without saying that a comprehensive, integrated IT security strategy is an essential component of modern business. Threats faced come from both inside and outside the organisation, with Gemalto’s 2017 Breach Level Index showing that 72% of all breaches are caused by a malicious outsider, while 27% is a combination of malicious insiders and accidental loss.
One of the most significant challenges businesses face is how to effectively and efficiently address the ever-present threat of social engineering, where users represent the weakest link. Kevin Mitnick, world famous hacker and keynote speaker at the conference, also shared how Security Operations Centre services play a critical role in enabling businesses to monitor, manage and mitigate risk.
The implications of a security breach are wide-ranging, from financial losses to reputational damage, and few will impact business continuity more immediately than loss of data. If key information is inaccessible or lost, the organisation grinds to a halt. This is where a reliable back-up and DR strategy comes into its own.
When implementing a back-up service, King suggests you focus on five key areas:
- Resilience – your data should always be available as you never know when you may need to access it
- Flexibility – you should be able to quickly scale your storage space to reflect changes in demand
- Security – your data should be encrypted end-to-end, stored at a secure location and be fully compliant with data protection laws including GDPR
- Performance – your service provider should use best-in-class hardware and software to deliver rapid back-up times with industry-leading SLAs
- Simplicity – choose a solution that’s easy to set up and manage, the last thing you want to do is lose time when trying to restore during an emergency
Lastly, King elaborated on how back-up fits into an organisation’s wider security strategy, explaining that “when combining back-up services with comprehensive threat assessments, alongside a managed security solution that protects all your devices, your organisation can quickly adapt to the changing threat landscape. What’s more you’ll have peace of mind that, should the worst happen, your mission-critical data is at hand whenever you need it”.
You can find out more about our security, Backup and Disaster Recovery services here.
Cloud Communications is the future, but not with bad designThis past week has seen one of the UK’s largest (and certainly well-known) hosted telephony platforms experience a major services outage – leaving a huge number of businesses and sub-contractors without services for a significant length of time. As is the norm, many took to social media to air their ever-growing frustrations, but most, did that very British thing and said nothing and took it on the chin.
Anyway, what’s another service outage? They happen all the time these days.
In some sense, this seems par for the course, where customer expectations once again do not remotely align with the promises they believe they were given when they signed their service-provider contracts.
All of the above could be filed under ‘nothing new to see here’ if it wasn’t for the repeated comments by those affected about why their Call Divert capability/service hadn’t kicked in as they were told before they signed up.
But wait, wasn’t one of the big selling points of moving to cloud-based solutions their reliability? Leveraging those economies of scale. Where your cloud service provider had made all the big investments to ensure seamless fail-over of hardware and software systems, power supplies and other eye-watering overheads, so you didn’t have to? And you believed them!
The cynic in me would say that if this were analogised as a board game, there would appear to be far more snakes than ladders. Ironically, and sadly for the hosted telephony provider, this unfortunate outage happened just a day before the release of a new research report highlighting that businesses were four times more likely to leave a brand because of bad customer experience.
Don’t get me wrong, I’m not blaming the customer support team here. If anything, the support team were updating and responding very regularly to their clients. No, the customer experience error was committed way before the outage occurred – by promising something that couldn’t be delivered. That said, this of course could have been a totally unforeseen set of unique circumstances. Normally, where systems would be crashing about their ears, you could at least take some comfort in knowing that through the robust design and carefully curated resilient system architecture, you, the end user, would never know anything was amiss. As they say, Ignorance is bliss, just not this time.
To me, this smacks of buying into the sales pitch without digging into the contractual detail. Our long-standing and ever-patient Customer Services Director, Trevor Mockett spoke of these and many other matters back in May 2017 with two articles. Most notable of all his comments must be the following observation:
“Cold, hard proof.
Assessing these issues appears to require a leap of faith. You don’t know if the provider’s claims on any of these fronts are honest until you’ve actually experienced their service. By that time, of course, you’ve signed the contract and you’re past the point of no return.”
Caveat emptor.
There are many that might see this outage example as yet another reason why the ‘cloud’ is still an immature choice for such a critical service as communications. An on-premises, internally managed legacy system is far more dependable, or at least a known quantity
But cloud-based telephony and unified communications are enjoying an enormous upswing in popularity these days. At a time when most business communication platform sales are either flat-lining or experiencing downward cycles, hosted comms is the only clear rising star of the industry. In comparison to its legacy alternatives, it promises low-cost, decentralised, omni-present, always up-to-date and reliable performance. And I would assert that the technology is not what’s at fault here. After all, your average hosted solution is really just a very big version of what was typically running on a customer site.
We inevitably end back at the ‘how you design, implement and maintain it’ part of the service provider discussion. Dare I mention that horrible cliché ‘failing to plan is planning to fail’!
I’ve written before about service reliability, particularly into the claims made by those stating 100% and 99.999% availability. As a quick reminder, the percentages below illustrate how much downtime gives you in relation to performance criteria:
99.9% = 31,557 seconds = 8 hours 45 minutes 57 seconds
99.99% = 3,154 seconds = 52 minutes 34 seconds
99.999% = 315 seconds = 5 minutes 15 seconds
99.9999% = 32 seconds
100% = have a guess?
These are very sobering numbers. Think about the last time you had a service outage. How long did it last? Does your current SLA match your current service experience?
Our commitment to 100% availability underpins our data centre and managed service portfolio; providing our customers with peace of mind that they will always have access to their data and applications. It’s what we call Business Assured.
Since we first opened our data centre in 2011, we have never had a service affecting-outage. Ever. We put this down to our unique approach to data centre infrastructure management; optimising performance, power and cooling to ensure 100% availability.”
To know more about how we achieve and maintain this 100% uptime performance record or how we get businesses collaborating better, contact us.
Thinking smart: The role of business intelligence in a cloud-first strategyIs moving critical IT infrastructure to the cloud something of an inevitability? Digital transformation needs to be carried out at the right time; meeting business needs whilst maximising return on legacy on-premises infrastructure. This places an onus on organisations to develop a ‘cloud-first’ strategy.
According to LogicMonitor’s Cloud Vision 2020 study, 83% of workloads will run from the cloud by 2020. Compare this to today’s 68% and you begin to realise that the growing appetite for cloud models shows no signs of slowing.
By blending off- and on-premises infrastructure, organisations are benefiting from the availability, flexibility and cost-efficiency that this environment provides; indeed 72% of cloud users employ this hybrid strategy. However, you can’t just ‘lift and shift’ your infrastructure because of the service disruption this would cause, let alone budget impact.
To combat this, cloud-ready organisations need to adopt a staged approach. The question is, how do you identify and prioritise the order in which you migrate your technology? The answer lies in business intelligence (BI).
THE POWER OF BI
Business intelligence utilises the Big Data that’s gathered from your network and turns this information into actionable intelligence, which organisations can use to improve decision making and mitigate risk.
Using network device reporting and data analytics tools allows you to gather credible business intelligence that you can use to build your technology roadmap and inform your journey to a hybrid environment. By collecting, collating and interpreting key information on the devices that make up your network, you can plan your phased migration according to criticality and lifecycle.
THE RESULTS
Deploying BI tools gives you a snapshot of the health of your network and lifecycle of your equipment. Tools such as Double Red will also generate reports that grade your devices according to business importance; highlight areas of concern and recommend remedial actions. This allows you to prioritise your phased move in terms of:
- Elements that are ‘at risk’ (those that are vulnerable, end-of-life or out of support)
- Devices that are nearing the end of their lifecycle
- Equipment graded as ‘safe’
You can then use this information as part of your wider digital transformation strategy and timeline; determining which applications can be migrated to public or private cloud, moved to colocation, upgraded on-premises or sweated in their current state.