Author Archives: Maria Koblish

Top 3 Insights from the Fortinet Ransomware Global Research Report

The threat of ransomware looms heavily over organizations of all sizes and industries. Fortinet recently conducted a comprehensive survey involving 569 cybersecurity leaders and decision-makers worldwide to gain insights into their perspectives on ransomware. The findings from the 2023 Global Ransomware Report provide valuable insights into the evolving risk of ransomware attacks and how organizations are responding to this growing threat. 

As attacks increase in volume and intricacy, executives are reprioritizing their security efforts. Of those surveyed, 91% expect increased security budgets in the coming year to invest in technologies and services that further safeguard their networks from a potential attack. As budgets are adjusted to better address the largest concerns, it’s imperative we understand ransomware and its effect on the protection of our data.

We have pulled the top 3 key insights from the report, detailing how ransomware interacts with our digitized society and what you can do to mitigate the risk that comes with it. 

  • Concerns vs. Preparedness

One of the most striking findings from the survey is the stark disconnect between organizations’ concerns about ransomware and their perceived level of preparedness. Over 80% of respondents expressed “very” or “extreme” concern about ransomware, yet an almost equal number, 78%, believed they were “very” or “extremely” prepared to defend against such attacks. This discrepancy marks a significant red flag.

Despite organizations’ confidence in their readiness, a staggering 50% of respondents admitted to falling victim to ransomware attacks in the previous year. This raises critical questions about the effectiveness of their preparations. It’s evident that many organizations need to reevaluate and potentially bolster their cybersecurity strategies. 

  • The Growing Sophistication of Ransomware

Ransomware attacks have been around for decades, but their threat level continues to rise. Financially-motivated cybercrime accounted for a significant portion (74%) of incidents in 2022, with 82% of these crimes involving ransomware or malicious scripts. While year-over-year growth in ransomware attacks slowed in 2022 compared to the previous year, the frequency of attacks is still increasing.

One reason for this increase is the maturation of Ransomware-as-a-Service (RaaS) operations. These operations have become more selective, targeting organizations capable of providing larger payouts. Cybercriminals are spending more time conducting reconnaissance to identify lucrative targets, leading to higher ransom demands.

As a result, 50% of respondents said that adopting advanced technologies powered by artificial intelligence (AI) and machine learning (ML) ranked among their top three priorities. Investing in advanced technologies like AI and ML for faster threat detection is paramount in this rapidly escalating situation. Additionally, Internet-of-Things (IoT) security and next-generation firewalls (NGFWs) are areas where organizations plan to increase their investments.

  • Where Technology Can Help: Integration and Consolidation

Enhancing security strategies is vital, but the manner in which it is accomplished holds equal significance. As discussed in the report, simply adding tools to an already overloaded toolbox is insufficient in mitigating an organization’s vulnerability to ransomware attacks. An increasing proportion of those surveyed (45%) say they have resorted to a blend of security platforms and individual point products, while 36% continue to buy standalone “best-of-breed” solutions. Consequently, security teams find themselves managing individual products deployed over time and struggling with the challenge of making these components function cohesively. Such manual procedures can impede a security team’s capacity to access crucial data promptly and respond effectively when faced with a ransomware incident.

As a result, those who reported adopting a “best-of-breed” approach were the most susceptible (67%) to falling victim to ransomware attacks, whereas those who streamlined their vendor portfolio by consolidating onto a small number of platforms, supplemented by point products, were the least vulnerable (37%). In light of findings like these, organizations are increasingly opting to reduce the array of individual point products in favor of a more streamlined approach. The survey findings underscored this shift, with 99% of respondents emphasizing the effectiveness of integrated solutions or a comprehensive platform in their efforts to thwart ransomware attacks. Aligning the organization, its people, and the technology behind this process leads to the most effective defense against ransomware.

To enhance their security posture, organizations should focus on investing in advanced integrated technologies, strengthening incident response plans, and prioritizing employee cybersecurity awareness training. Only by addressing the multifaceted challenges of ransomware attacks, including people and processes, can organizations effectively protect themselves in this increasingly hostile digital landscape. Contact Thrive to up your security and bolster your confidence in data protection against ransomware.

What Managed Cloud Services Can Do For Your Business

If these past few years have taught us anything, it’s that businesses are no longer confined to the walls of the traditional office—the Cloud has expanded our horizons, offering opportunities for agility, scalability, and responsiveness inside and outside the workplace. 

Amidst this transformation, managed Cloud services emerged as an opportunity for innovation, securely revolutionizing the way organizations harness the power of the Cloud. The question is, how can these organizations take advantage of their Cloud investments in order to meet the needs of their business and employees? 

Managed Cloud services are a popular choice for businesses looking to optimize where their funding is going and how it is being used, specifically for businesses looking to:

  • Scale Cloud services without IT infrastructure expenses
  • Manage their customer databases and update records remotely using the Software as a Service model
  • Utilize cloud backup and disaster recovery services to manage and maintain data in Cloud storage
  • Access big data analytics using Cloud computing services
  • Develop applications for web and mobile
  • Test and develop apps for launch
  • Manage social networking with large volumes of data

Today’s digital landscape is irrefutably dynamic, rendering the concept of a one-size-fits-all Cloud solution obsolete. Thrive’s managed Cloud services are tailored to satisfy the demands of modern businesses while balancing factors such as performance, cost, security, and flexibility. Enterprises benefit from a range of NextGen Cloud solutions, from the robustness of VMware-based private Cloud platforms tailored for the most demanding workloads to Microsoft Azure and AWS public Cloud offerings. To make it work harmoniously, Thrive’s Hybrid Cloud Director delivers unparalleled visibility and control for companies across all of their Cloud systems.

For businesses looking to optimize and scale their enterprise, the benefits of managed Cloud services like Thrive’s are obvious: 

  1. Cost savings. Save on the operational expenses needed to maintain your Cloud network infrastructure. In addition, you no longer have to hire and train people with the hard-to-find skill sets required to secure and support your Cloud.
  2. Automatic updates. With Cloud technology constantly evolving, an MSP can keep your network updated and stay on top of advances and upgrades for your network infrastructure.
  3. Disaster recovery. If a disaster takes place, it’s important to safeguard and retrieve your data as soon as possible. MSPs with 24x7x365 multi-location support can manage your disaster recovery process so that there is minimal downtime in the event of a disaster.
  4. Rapid response. Round-the-clock support and remediation from a team of experts ready to respond to your Cloud concerns or issues.
  5. Better Cloud and network security. Keeping your network secure is a top priority when using the Cloud, but security can be a complicated process. Managed service providers have the knowledge to keep your Cloud secure from unauthorized access.
  6. Centralized control. Simplify your Cloud administration with all of your controls in one location to easily make any changes or upgrades to your network.
  7. Flexible Scaling. Keep pace with the increasing volume of web traffic and the proliferation of devices while managing the growth of cyber threats.

It’s imperative your Cloud investment be optimized to its fullest potential. As a managed Cloud service provider, Thrive offers technical excellence that provides a trusted consulting partner, securely guiding businesses through the world of the Cloud. Thrive’s commitment to tailored services and an array of benefits underscore effectiveness in investment optimization, creating the ideal partnership to ensure your business excels in this digital age. To learn more about how Thrive can optimize your operations, contact us today.

Everything You Need to Know about DDoS Attacks and Prevention

Distributed denial of service (DDoS) attacks can be catastrophic for any business, organization, or institution. DDoS cyber attacks can force a business into downtime for up to 12 hours, leading to a potentially substantial loss in revenue. In a recent 2022 security survey from Cox BLUE, it was reported that the average cost of falling victim to a DDoS attack is between $20,000 – $40,000 per hour.

No business can afford to be unprepared for such a debilitating attack. Having DDoS prevention methods in place as part of your cybersecurity services can save your business valuable time and money. So how can you stop DDoS attacks? Learn more about them below as well as 5 of the best ways to protect your business from their damage.

What is a DDoS Attack?

A distributed denial of service (DDoS) attack operates like its name implies; it’s a form of cyber attack that disrupts connectivity or network services to deny service to users. Attacks generally feature tools, such as a bot, that overwhelm the network with repeated signals until it can no longer process genuine requests from users.

Hackers frequently target critical services such as web services and platforms that are often used by large businesses, banks, governments, and educational institutions. It is imperative that high-risk industries develop DDoS prevention methods and implement the right tools to mitigate attacks. There are multiple forms of DDoS attacks. Some common examples include:

  • Volumetric Attacks: The most prevalent type of DDoS attack involves the use of botnets, which inundate network ports, rendering them incapable of handling genuine traffic and user requests. These bots generate fake traffic directed at all accessible ports, effectively blocking them and hindering the normal flow of legitimate traffic. Consequently, websites crash, displaying errors to potential customers.
  • Application-layer Attacks: Instead of attacking the victim’s entire network, perpetrators focus on specific user-facing applications. They create substantial traffic using HTTP and HTTPS protocols, mimicking the typical patterns of traffic these applications normally experience.
  • Protocol Attacks (protocol fragmentation attacks): These aim to disrupt data transfer and connection verification protocols. Attackers send malformed and sluggish pings, causing the network to expend significant resources attempting to validate these requests. Consequently, the network becomes overwhelmed, rendering it incapable of responding to genuine requests.

While they differ in how they inflict damage, all three approaches can attack a victim on multiple fronts to completely overwhelm their infrastructure and applications.

The History of DDoS Attacks

Cyber-attacks are not a recent development. The first DoS attack took place in 1974, orchestrated by a curious 13-year-old boy in Illinois. Exploiting a vulnerability in the then-new “ext” command, he managed to simultaneously shut down 31 University of Illinois computer terminals. In the 1990s, Internet Relay Chat fell victim to basic bandwidth DoS attacks and chat floods. However, the first significant DDoS attack occurred in 1999, when a hacker utilized the “Trinoo” tool to incapacitate the University of Minnesota’s computer network for 2 days. Subsequent attacks laid the foundation for the larger and more widespread cyber-attacks prevalent today.

One of the largest examples of a DDoS attack was on June 1, 2022, on a Google customer. The target was hit with a series of HTTPS DDoS attacks, peaking at 46 million requests per second. To put that into perspective, it compares to “receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds.” The customer, Cloudflare, announced it had stopped the largest HTTPS distributed denial of service (DDoS) attack ever recorded at 26 million requests per second, surpassing a previous-record attack of 17.2 million requests, which at the time was almost three times larger than any previous volumetric DDoS attack ever reported in the public domain. The hackers, who utilized the Mēris botnet, used over 5,000 source IPs from 132 countries to launch the attack, with the top 4 countries – Brazil, India, Russia and Indonesia – contributing about 31% of the total attack traffic.

Named after the Latvian word for “plague,” the Mēris botnet operators typically send threatening emails to large companies asking for ransom payments in exchange for an end to their DDoS attack. If the DDoS attack victims don’t pay the ransom, the hackers use their botnet in attacks that start small and gradually grow as a way to pressure victims into paying. For several months, Mēris was the largest DDoS botnet on the internet, breaking the record for the largest volumetric DDoS attack twice in 2021, once in June, and then again in September.

What Happens During a DDoS Attack?

Cybercriminals perform their DDoS attacks by sending out malicious code to hundreds or even thousands of computers, instructing each one to send requests to a single organization. This is usually accomplished through tools, such as a botnet. The botnet can be a network of private computers infected with malicious software that is controlled as a group, without the knowledge of each individual owner.

Why Have DDoS Attacks Increased?

If you are not concerned about DDoS attacks yet, you should be. The last year has seen a significant rise in the number of DDoS attacks, and there is no evidence that they’ll decrease anytime soon. Implementing DDoS prevention methods and best practices is crucial to mitigate these increasing attacks.

The annual Distributed Denial of Service (DDoS) Insights Report from Zayo Group Holdings, Inc. found that DDoS attacks in the first half of 2023 were up 200% from 2022. Activity increased nearly four-fold from Q1 to Q2 in 2023, which is attributed to increased automation in the digital world.

As more organizations adopt internet-connected devices, cybercriminals see the opportunities for DDoS attacks, which may explain the rise. The more companies integrate unsecured Internet of Things devices without the right cybersecurity precautions or DDoS prevention tools, the more they place themselves at risk and contribute to the rise in DDoS attacks.

5 Tips for DDoS Attack Prevention

Prevention is the best medicine, and this couldn’t be more true for DDoS attacks. Prepare your organization with the following tips to avert a devastating DDoS attack.

1. Organize a DDoS Attack Response Plan

Don’t be caught blindsided by DDoS attacks; have a response plan ready in case of a security breach so your organization can respond as promptly as possible. Your plan should document how to maintain business operations if a DDoS attack is successful, any technical competencies and expertise that will be necessary, and a systems checklist to ensure that your assets have advanced threat detection.

Additionally, establish an incident response team in case the DDoS is successful and define responsibilities, such as notifying key stakeholders and ensuring communication throughout the organization.

2. Secure Your Infrastructure with DDoS Attack Prevention Solutions. 

Equip your network, applications, and infrastructure with multi-level DDoS protection strategies. This may include DDoS prevention management systems that combine firewalls, VPN, anti-spam, content filtering, and other security layers to monitor activities and identify traffic inconsistencies that may be symptoms of DDoS attacks.

If you’re looking for DDoS protection by leveraging cloud-based solutions, many providers allow for advanced protection resources for additional charges. Other options allow for businesses to go “full cloud,” entrusting sensitive data with a reputable cloud provider that offers heightened security protocols, both virtual and physical.

3. Perform a Network Vulnerability Assessment.

Identify weaknesses in your networks before a malicious user does. A vulnerability assessment involves identifying security exposures so you can patch up your infrastructure to be better prepared for a DDoS attack, or for any cybersecurity risks in general.

Assessments help secure your network by finding security vulnerabilities. This is done by taking inventory of all devices on the network, along with their purpose, system information, and any vulnerabilities associated with them, and noting which devices need to be prepared for upgrades or future assessments. Doing so will help define your organization’s level of risk so you can optimize any security investments and employ DDoS prevention methods in your organization.

4. Identify Warning Signs of a DDoS Attack.

If you can identify the symptoms of a DDoS attack as early as possible, you can take action and hopefully mitigate damage. Spotty connectivity, slow performance, and intermittent web crashes are all signs that your business may be coming under attack from a DDoS criminal. Educate your team on signs of DDoS attacks so everyone can be alert for warning signs.

Not all DDoS attacks are extensive and high-volume; low-volume attacks that launch for short durations are just as common. These attacks can be particularly nefarious because they are more likely to go under the radar as just a random incident rather than a potential security breach. Low-volume DDoS attacks are likely distractions for damaging malware; while your IT security staff is distracted by a low-volume attack, malicious software like ransomware can infiltrate your network.
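Added example, not part of the original article: a minimal detection sketch showing why a short, low-volume burst goes under the radar when traffic is averaged over long windows but stands out at a finer granularity. The log lines are constructed sample data in Common Log Format, and the function names, window sizes, and the 3x-median threshold are assumptions chosen for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone
from statistics import median

TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
# Common Log Format: client IP, two ignored fields, then [timestamp]
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] ')


def build_sample_log():
    """Constructed data: 30 min of steady 2 req/s background traffic,
    plus a 20-second burst (15 extra req/s from 15 distinct sources)."""
    start = datetime(2023, 9, 1, 12, 0, 0, tzinfo=timezone.utc)
    lines = []
    for s in range(1800):
        stamp = (start + timedelta(seconds=s)).strftime(TS_FMT)
        for j in range(2):
            ip = f"198.51.100.{1 + (2 * s + j) % 40}"
            lines.append(f'{ip} - - [{stamp}] "GET / HTTP/1.1" 200 512')
        if 900 <= s < 920:  # the short burst, 12:15:00 to 12:15:19
            for k in range(15):
                ip = f"203.0.113.{k + 1}"
                lines.append(f'{ip} - - [{stamp}] "GET /search HTTP/1.1" 200 512')
    return lines


def bucket(lines, window_s):
    """Count requests and distinct client IPs per fixed time window."""
    counts = Counter()
    sources = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ts = datetime.strptime(m.group(2), TS_FMT)
        start = int(ts.timestamp()) // window_s * window_s
        counts[start] += 1
        sources[start].add(m.group(1))
    return counts, sources


def find_bursts(lines, window_s, factor=3.0):
    """Flag windows whose request count is >= factor x the median window.

    The median is used as the baseline so that the burst itself does not
    drag the baseline upward the way a mean would. Windows with no
    requests at all are not counted, which is acceptable for a busy site.
    """
    counts, sources = bucket(lines, window_s)
    if not counts:
        return []
    baseline = median(counts.values())
    return [
        {
            "start": datetime.fromtimestamp(start, timezone.utc),
            "requests": n,
            "sources": len(sources[start]),
            "ratio": n / baseline,
        }
        for start, n in sorted(counts.items())
        if n >= factor * baseline
    ]


if __name__ == "__main__":
    log = build_sample_log()
    for window in (300, 10):
        hits = find_bursts(log, window)
        print(f"{window:>3}s windows: {len(hits)} flagged")
        for h in hits:
            print(f"  {h['start']:%H:%M:%S}  {h['requests']} requests "
                  f"from {h['sources']} sources ({h['ratio']:.1f}x baseline)")
```

On the constructed log, the five-minute view shows the burst window at only 1.5 times the baseline and flags nothing, while the ten-second view flags both burst windows at 8.5 times the baseline.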

5. Adopt Cloud-Based Service Providers. 

There are several benefits to outsourcing DDoS attack prevention to the cloud.

Cloud providers who offer high levels of cybersecurity, including firewalls and threat monitoring software, can help protect your assets and network from DDoS criminals. The cloud also has greater bandwidth than most private networks, so it is less likely to fail under the pressure of increased DDoS attacks.

Additionally, reputable cloud providers offer network redundancy, duplicating copies of your data, systems, and equipment so that if your service becomes corrupted or unavailable due to a DDoS attack, you can switch to secure access on backed-up versions without missing a beat.

Are you interested in the security of a predictable cloud provider and protection from DDoS attacks? Don’t hesitate to contact the experts at Thrive to learn more about our cloud services. And if you intend to go it alone? Remember that the next time you see an influx of traffic signaling a banner day for business, you may be facing a DDoS attack.

Top 5 Observations from the 2023 Verizon DBIR

In 2023, it’s imperative to know what your business is up against in order to begin securing your data and ensuring the success of your business. With 83% of breaches involving financially motivated external actors, 74% involving a human element of social engineering attacks, errors, or misuse, and 50% (double last year’s figure) of those social engineering attacks being pretexting incidents, it’s past time for organizations to pay attention and get ahead.

In the rapidly evolving landscape of cybersecurity, these stats are not just numbers but an indication of the rising severity of cybercrime. Staying ahead of the latest threats and vulnerabilities is paramount for organizations. The recently published Verizon Data Breach Investigations Report (DBIR) provides valuable insights into the importance of fundamental security measures.

Below we will detail the 5 most important observations from the report and how the right cybersecurity services can assist organizations in addressing current and potential security failures, including the significance of unique passwords, multi-factor authentication (MFA), user training, timely patching, and more.

  • Combatting Business Email Compromise and Ransomware

Verizon’s DBIR reveals a concerning rise in Business Email Compromise (BEC) attacks, with a nearly 50% increase compared to the previous year. Protecting your organization starts with addressing the basics. Thrive offers comprehensive security solutions that enable the implementation of strong passwords, MFA, and user training programs to enhance resilience against BEC attacks and ransomware.

  • Prioritizing Timely Patching and Software Bill of Materials (SBOM)

The report emphasizes the importance of prompt patching, especially in the context of vulnerabilities like the Log4j vulnerability. Verizon highlights the significance of having a Software Bill of Materials (SBOM) to expedite vulnerability identification. Thrive’s advanced patch management system enables organizations to stay ahead by proactively addressing vulnerabilities. Our services offer enhanced response time and risk reduction associated with vulnerabilities.

  • Strengthening Security with Multi-Factor Authentication (MFA)

Stolen credentials and vulnerabilities account for almost 24% of breaches, as highlighted by Verizon’s report. Implementing MFA is crucial in safeguarding user accounts. Thrive offers a robust MFA framework, supporting various authentication factors, including password security, biometrics, and hardware tokens. By leveraging MFA, organizations can fortify their security defenses against credential theft and significantly reduce the risk of successful cyberattacks.

  • Cultivating a Culture of User Awareness and Training

End-user training plays a vital role in combatting cyber threats. Verizon emphasizes the need to educate users on identifying phishing and social engineering attempts as a second line of defense if and when systems fail. Thrive enables end users to have power over their data, equipping employees with the knowledge and skills to recognize and mitigate potential threats. By fostering a culture of cybersecurity awareness, organizations can empower their workforce to be the first line of defense against cyber attacks.

  • Embracing Proactive Patch Management

Verizon’s report highlights the persistent challenge of delayed patching – with an average delay of 49 days, organizations of any size can’t risk that type of security gap. Thrive emphasizes the importance of a standardized patch cycle to ensure timely remediation of vulnerabilities. By leveraging our Vulnerability Management Solutions and patch management capabilities, organizations can proactively address vulnerabilities, reducing the window of opportunity for cybercriminals to exploit weaknesses.

The 2023 Verizon Data Breach Investigations Report reiterates that while the flashy attacks attract the news organizations, the basics of using unique passwords, forcing users to use MFA, and training users to spot phishing and social engineering attacks will go a long way to protect your organization. As the threat landscape continues to evolve, Thrive stands ready to help companies go back to the basics while also being a trusted partner in navigating where to turn next in your security journey, such as an AI-enabled cybersecurity mesh architecture. Contact Thrive to set up a consultation and learn more.

Police Departments Need to Partner with Private Sector Cybersecurity Experts to Thwart Attacks and Prevent Ransomware Crises

Law enforcement agencies are under attack. Increasingly they are a new favorite target for cybercriminals. Judicial entities and law enforcement agencies are having to defend themselves against faceless criminals to protect the highly sensitive data in their possession, including personal information on officers, civilians, criminals, judges, prosecutors, ongoing investigations, closed cases, and more. A breach of this type of private information is highly attractive for bad actors that want to leverage it for extortion, monetary gain, and other potentially devastating consequences like preventing officers from performing their duties effectively, influencing court proceedings, and ultimately jeopardizing the safety of individuals and communities. 

Security failures of this magnitude can result in significant liability and undermine the trust and confidence of constituents within these agencies, and their ability to function on behalf of the public. Cybersecurity teams within law enforcement agencies are under new and growing pressures due to an expanding vulnerability attack surface. The pace and complexity of these threats, the expanding number of point solutions and vendors, and increasing amounts of data make it harder for a public sector CIO’s efforts to keep pace.

Sprinkle in a dozen or more frameworks and continually evolving regulations that the public sector has to comply with, and it quickly becomes impossible to ‘go it alone’ as a security strategy.

In particular, police departments are coping with a lack of internal training and protocols, outdated systems, and a historical shortage of IT personnel creating internal urgency to prioritize the protection of their classified data. Outsourcing data protection to a private sector cybersecurity expert is an effective, fast, and sustainable approach to combating cyber threats. 

Finding A Partner That Can Protect Public Sector Security Infrastructure

A managed service provider (MSP) can function like a cybersecurity SWAT team. From strategy development to solution implementation and maintenance, finding the right partner to help operations is essential, especially in light of the onslaught of attacks on the astronomical volume of sensitive data being generated by connected devices in an always-on world. A recent prediction shows the current 15 billion devices operating globally will balloon to 30 billion devices in 2030, all generating data and all allowing for infrastructure vulnerabilities.

At Thrive, our cybersecurity experts can help law enforcement agencies effectively manage risks in a cost-efficient, timely manner. Through a comprehensive IT solution offering that includes multi-factor authentication, data encryption, and backup and recovery services, Thrive is proving essential to dozens of local and state police departments, preventing data loss and minimizing the impact of cyberattacks.

Thrive’s team of expert personnel has years of experience in cybersecurity and IT and provides round-the-clock monitoring and support, as well as regular vulnerability assessments and penetration testing, to identify any potential weaknesses and ensure that networks are protected before hackers can even strike. 

Protect and serve takes on new meaning.

Cyberattacks against federal, state, and local law enforcement agencies will continue to grow. Thrive’s cybersecurity experts are ready to help safeguard your networks and the communities you serve. Contact Thrive to learn more.

Riding Out the Storm: Protect Your Data With DRaaS this Hurricane Season

As hurricane season approaches, businesses face the daunting task of safeguarding their critical data amidst the potential chaos. The impact of hurricanes extends beyond physical damage, posing a significant risk to valuable data. With 13 named storms forecasted between June 1 and November 30, 2023, it’s important to think ahead of this hurricane season and consider acting proactively with Thrive’s Disaster Recovery as a Service (DRaaS).

Hurricanes unleash havoc, leaving a trail of destruction in their wake. However, it’s not just physical structures that bear the brunt; business productivity can also be swept away, no matter if operations are in-person, hybrid, or fully remote. According to Gartner, the average cost of network downtime comes out to about $5,600 per minute, adding up to around $300,000 per hour. The financial implications of losing vital business data during a hurricane are a nightmare no organization wants to face.

Disaster Recovery as a Service, or DRaaS, comes to the rescue when the storm hits and a fast resumption of IT services is needed. Disaster recovery services act as a reliable guardian, ensuring the safety and availability of your data, even in the face of adversity. How does it work? DRaaS leverages automated processes to replicate your data and infrastructure in secure off-site locations, away from the hurricane’s path.

Why DRaaS Is Essential during Hurricane Season:
  • Swift Recovery: Time is of the essence during a crisis. DRaaS facilitates rapid recovery by offering near-instantaneous failover, enabling your business to resume operations swiftly and reduce downtime tenfold.
  • Data Integrity: Hurricanes pose a threat not only to physical infrastructure but also to data integrity. DRaaS ensures continuous data backups and storage in multiple locations, safeguarding your information and facilitating seamless recovery, even in the event of severe on-premises damage.
  • Cost Savings: The financial impact of hurricanes can be severe, with substantial post-disaster expenses. Adopting DRaaS not only protects your data but also your bottom line. By eliminating the need for costly hardware and infrastructure, as well as minimizing downtime and data loss expenses, DRaaS provides significant cost savings.
  • Compliance and Trust: In a data-driven world, regulatory compliance and maintaining customer trust are paramount. DRaaS solutions often incorporate built-in security measures and encryption protocols, ensuring data security and enabling compliance with industry standards and legal requirements.

Preparedness in the wake of hurricane season means safeguarding your data. With its ability to facilitate swift recovery, ensure data integrity, provide cost savings, and ensure compliance, Thrive’s DRaaS emerges as a critical tool in protecting your data during hurricanes and other disasters that may hit. By working with you to understand your Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), the Thrive team can craft the right DRaaS solution for your business. 

Secure your data with DRaaS and fortify your business against the storms of uncertainty. Contact Thrive today.

State & Local Governments Respond to ‘Live’ Outlook Security Flaw

Last month, Microsoft Threat Intelligence discovered a security vulnerability in Microsoft Outlook for Windows that could allow hackers to steal user login credentials when they access email from an unsecured network, such as the Internet. This vulnerability is related to a technology called NT LAN Manager (NTLM) that is used to manage login information.

After sounding an alarm for live exploitation of the Outlook security flaw, Microsoft said it traced the exploit to a Russian APT targeting a limited number of organizations in government, transportation, energy, and military sectors in Europe. Microsoft’s Security Response Center (MSRC) did publish mitigation guidance and offered a CVE-2023-23397 script to help with audit and cleanup in response to the severity of the issue. “We strongly recommend all customers update Microsoft Outlook for Windows to remain secure,” Microsoft said.

A zero-day vulnerability means that the issue was detected while it was already live and potentially exploitable, meaning there are “zero days” for an organization to find a solution because it is already a real threat. As with most cybersecurity vulnerabilities, the impact is rarely isolated to one continent. Though Europe may have been targeted initially, local and state governments in the U.S. and Canada warned that the “critical zero-day vulnerability” recently discovered in Outlook could allow hackers to access email accounts and exfiltrate sensitive government data such as emails, attachments, and other confidential information if not addressed urgently. 

While Microsoft has released patches to address the vulnerability, local and state governments that have not yet applied these patches remain at risk. With limited resources to devote to cybersecurity and lagging internal response times compared to the private sector, Thrive is seeing more public sector interest in cloud adoption, where municipalities are looking to store sensitive data on a private cloud server while using public cloud for more routine communications like email.

  • In a 2020 survey conducted by the National Association of State Chief Information Officers (NASCIO), 49% of state CIOs reported that their state government had adopted a cloud-first strategy for IT service delivery.
  • In addition, the survey found that 77% of state CIOs reported that their state government had moved at least some of their IT services to the cloud. 
  • According to a 2019 email security report, Microsoft Exchange Server was the most commonly used email system among U.S. government organizations. The report found that 68% of all government organizations surveyed used Exchange Server, while 21% used Office 365 (which includes Exchange Online). 

Shifting to cloud-based email is particularly appealing for state and local governments: cost savings, improved scalability and flexibility, and reduced maintenance requirements are all attractive incentives. In addition, in light of the bombardment of cyber attacks and an ever-expanding attack surface as government organizations embrace more and more IT modernization tools, cloud offers cybersecurity features like multi-factor authentication, data encryption, and advanced threat detection capabilities.

Thrive has dedicated 24/7 security teams that monitor email systems for potential threats and are equipped to respond in real time, rather than having to reassign internal teams to troubleshoot the latest vulnerability. With a trusted partner that takes responsibility for security, maintenance and updates (like adding or removing users, since local and state governments experience frequent fluctuations in staffing needs), the latest cyber “Exploit” to make headlines quickly becomes yesterday’s news.

Celebrating World Backup Day

Cybersecurity threats are increasingly sophisticated and frequent, and the impact from these attacks keeps rising. With more data sources than ever, cybercriminals are stealing more records than ever – billions annually – to sell and to use for extortion. Among highly targeted nations, the U.S. has the highest average total cost of a data breach.

As technology evolves, we generate more and more data, and the management of that data becomes more critical. With around 4.66 billion active Internet users worldwide, the data produced daily surpasses the imagination: 2.5 quintillion bytes of data were created every day in 2020. That is equivalent to 10 million blu-ray discs, which when stacked would be as tall as two Eiffel Towers combined. (Dihuni, 2020). 

Stored data grows 5x faster than the world economy. Yet many of us neglect the very premise of data management, whether it’s family photos from a trip taken seven years ago or enterprise data like confidential emails and databases: 21% of people have never made a backup. Technological innovation has made it so data is the currency that runs the world.

Data loss can occur in many different ways, from hardware failures to cyber-attacks. The fact is, this data loss can have a devastating impact on both individuals and businesses. Personal data loss can lead to the loss of precious memories, while business data loss can lead to significant financial loss, reputational damage, and even legal consequences. That’s why backing up your data is so important.

Regardless, people still need a reminder. World Backup Day, celebrated annually on March 31st, is a day dedicated to raising awareness about the need for data backup and protection. It’s a day for us to stop and think about our data, where it is stored, who has access to it, and what would happen if it were lost.

In celebration of this day, we could all use a refresher: back up your data by creating a duplicate copy and storing it in a separate location, so that if the original data is lost, you can recover it. There are different ways to back up your data, from cloud-based storage solutions to external hard drives.

A data backup is just one part of the equation. It’s also essential to ensure that your data is protected from hackers and breaches to the best of your ability. This means using strong passwords, regularly changing those passwords, and limiting access to sensitive information.

On World Backup Day, take the time to review your data backup strategy and make sure that your data is protected. Ask yourself:

  • Do you have a backup plan in place?
  • How often do you back up your data?
  • Where do you store your backup data?
  • Who has access to your data?
  • Do you use strong passwords to protect your data?

If the first bullet above seems daunting, there’s no need to fear. Thrive can help with solutions to take care of your data so you don’t have to. Thrive’s implementation of hybrid cloud solutions, cybersecurity data protection, and when all else fails, Disaster Recovery as a Service, ensures your business’ data is locked up 24x7x365 rather than just on this one important day. 

So, a Happy World Backup Day! And contact Thrive so we can help identify where the gaps are in your current security posture and put you on a path to better data management.

Cloud Trends in Financial Services

Most financial institutions today have a presence in the cloud, but adoption in the financial-services sector is still at a relatively early stage. Among the financial-services leaders who took part in a recent McKinsey survey, only 13 percent had half or more of their IT footprint in the cloud. But migration to the cloud is gathering momentum as the industry embraces digital transformation in order to remain competitive. At Thrive, our financial services customers are embracing everything from:

  • AI for task automation, fraud detection, risk reduction, and investment advice; 
  • Blockchain technology to create more secure and efficient payment systems; 
  • Digital identity solutions like biometrics and machine learning to verify customers’ identities and reduce fraud;
  • Open Banking that allows customers to share their financial data with third-party providers to access cutting-edge financial products and payment services;
  • Mobile banking that allows customers to use their smartphones to manage their finances;
  • Managed cloud services that enable a more cost-effective and expert approach to infrastructure management, data management and analytics, security and compliance, disaster recovery and business continuity.

Despite the huge value potential in the cloud, financial institutions have been tentative about moving to cloud at scale. There is good reason for this hesitancy, since cloud migration can be uniquely complex for financial institutions. Often, the IT landscape at financial institutions is particularly varied, with decades-old applications running alongside more modern systems. 

Financial services firms have unique requirements for cloud solutions; for example, they must comply with strict regulations related to data privacy, security, and retention. They also need to ensure that their cloud solutions are resilient and can handle high volumes of transactions with low latency.

To meet these requirements, firms are seeking specialized cloud solutions that are specific to the industry with features such as enhanced security and compliance controls, real-time data processing, and analytics capabilities. For example, security issues pose a 24×7 risk to financial services firms and regulatory requirements demand that a firm’s data is logged, monitored, analyzed and reported upon as it passes through a complex network of IT infrastructure and applications.

As cloud adoption increases, our clients are battling a shortage of internal IT staff expertise to manage certain complex cloud services offerings, and in particular, cybersecurity. Increasing demand for managed SIEMaaS, Security Information and Event Management as a Service, is a result of firms clamoring for a centralized view of their security posture and the ability to detect and respond to security threats in real time. Given the onslaught of modern security needs, SIEMaaS is more cost-effective than trying to manage an in-house security operations center.

Knowing what to keep on-premise, and what IT ops belong in public cloud vs. private cloud, is overwhelming. What often follows is a piecemeal cloud migration strategy that ends up becoming a huge barrier to capturing the full value of a firm’s cloud investment.

The concerns we hear most from clients are actually reasons to work with an expert managed services provider like Thrive. They include: 

  • Data Security: the handling of sensitive data and compliance with strict regulations to protect that data from breaches and cyber attacks
  • Compliance: numerous regulations, such as GDPR and PCI DSS, require data storage and processing in a specific way. Moving to the cloud may require new compliance measures, such as audits and certifications, which can be time-consuming and costly
  • Integration: integrating complex legacy systems with cloud-based solutions requires significant internal resources and expertise to ensure a smooth changeover
  • Cost: upfront costs as firms upgrade infrastructure and try to hire new staff, and ongoing costs for data storage and network fees
  • Skills Gap: moving to the cloud will require new in-house skills, such as cloud architecture and DevOps

A 2020 survey by Deloitte found that 90% of financial services firms in North America were using some form of cloud services, with 51% using public cloud services and 38% using private cloud services. The benefits of managed cloud services stretch far beyond reducing operational costs, compliance and higher levels of reliability.

Today, data security in financial services is a critical concern. Firms must carefully evaluate managed cloud services providers to ensure that they have the necessary security and compliance controls in place, such as access controls, encryption, and threat detection, as well as their compliance with regulations such as GDPR and PCI DSS.

Thrive’s financial services-tailored cloud and cybersecurity expertise spans these industry-specific challenges. Our world-class team has decades of financial services experience and understands the unique complexities that organizations face each day from investors, regulators, and customers. 

What is the Difference Between RTO and RPO? Two Metrics You Need in Your Disaster Recovery Plan

Some disasters, such as those wrought by Mother Nature, can be physically destructive; others, such as those brought on by cyberattackers, can be virtually destructive. However, no matter which type of disaster strikes, there’s always one necessary thing in every organization: proactive recovery.

According to Gartner, the world’s leading research company, the downtime spent on disaster recovery can cost companies $5,600 per minute, or nearly $340,000 an hour! In today’s highly competitive market, that’s just not acceptable.

To mitigate downtime and the loss of productivity and revenue that comes with it, organizations need to practice preparedness for disaster recovery; being prepared is the best defense against downtime. This means having a strong business continuity and disaster recovery (BCDR) plan. To build a strong BCDR plan, of course, you’re going to need metrics.

Why You Need to Set and Track Metrics for Your Disaster Recovery Plan

Metrics offer business leaders important and accurate information about their organization and its processes, from marketing to IT. Applying metrics to your business continuity and disaster recovery plan objectives is just as important – if not more so – as this data offers disaster preparedness. Metrics, as part of a BCDR plan, help organizations to:

  • Monitor the current state of IT
  • Identify potential issues
  • Prescribe corrective action
  • Measure the results

Through BCDR metrics, organizations can create pre-defined IT processes for disaster recovery frameworks, and requirements for them, and identify objective variances from their goals. This makes BCDR metrics the basis for improvement, helping to estimate and eliminate operational vulnerabilities and downtime impacts. In addition, metrics offer insight into IT efficiencies and compliance with regulations and conformance to standards.

Two important disaster recovery plan metrics that comprise any solid BCDR plan are RTO (Recovery Time Objective) and RPO (Recovery Point Objective).

What is RTO?

RTO, or Recovery Time Objective, is the metric that defines the time it takes for your IT infrastructure and services to get back online following a disaster. It requires calculating how quickly you need to recover operations so you can determine what preparations will be necessary.

What is RPO?

RPO, or Recovery Point Objective, is the metric of how much data a business can afford to lose, expressed as how much time can pass between the last data backup of a business’s system and the disaster event without causing serious business repercussions.

What is the Difference Between RTO and RPO?

Since RTO is the measured timeframe in which applications and systems must be restored following a disaster, IT leaders should be measuring RTO from the very moment an incident occurs, not from the moment that their team begins correcting the issue. This approach provides them with knowledge of the exact point at which users start to be impacted.

On the other hand, RPO looks at how much data an organization can lose before it begins to impact business operations. For example, consider an online retailer. Now, not all are created equally. For a small mom-and-pop operation with only a handful of orders coming in per day, a few hours of lost data may not cost them any business at all. So, conducting data backups a couple of times a day may be fine; however, for a behemoth like Amazon, two hours of downtime could be devastating for their eCommerce and to their reputation, so backups may be needed on the minute.

So what do RTO and RPO have in common? Ideally, the numbers should be as close to zero as possible. Of course, the closer they are to zero, the greater the investment in IT experts, software, or other equipment will be.

Defining RTO vs RPO Values

As our earlier example illustrated, recovery time and point objectives (RTPO) are not one-size-fits-all when it comes to disaster recovery plans. Organizations are different in size and industry; for example, while that small retailer may be able to play loosely with its metrics, a hospital – where lives are at stake – likely cannot afford any downtime.

That said, one common disaster recovery strategy is to divide applications and services into various tiers and set RTPO values according to the service-level agreements (SLAs) that they have committed to.

By classifying the protection of data, organizations can identify the best method of storing, accessing, protecting, recovering, and updating data based on specific criteria to mitigate damages. For example, an organization may opt for a three-tier BCDR model:

  • Tier-1: Mission-critical applications requiring an RTPO of less than 20 minutes
  • Tier-2: Business-critical applications requiring RTO of 1 hour and RPO of 4 hours
  • Tier-3: Non-critical applications requiring RTO of 8 hours and RPO of 24 hours
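As an added illustration (not Thrive's tooling), the sketch below checks one incident and one backup schedule against the three tiers listed above, starting the RTO clock at the incident rather than at first response. The timestamps, the function names and the Tier-2 application are constructed, and treating the Tier-2 and Tier-3 limits as inclusive is an assumption.

```python
from datetime import datetime, timedelta

# Objectives from the three-tier model above. Tier-1 is "less than 20 minutes",
# so its limit is exclusive; the other tiers are treated as inclusive (assumption).
TIERS = {
    "tier-1": {"rto": timedelta(minutes=20), "rpo": timedelta(minutes=20), "strict": True},
    "tier-2": {"rto": timedelta(hours=1), "rpo": timedelta(hours=4), "strict": False},
    "tier-3": {"rto": timedelta(hours=8), "rpo": timedelta(hours=24), "strict": False},
}

def within(actual, limit, strict):
    """True when the achieved duration satisfies the objective."""
    return actual < limit if strict else actual <= limit

def evaluate_incident(tier, last_backup, incident, response_started, restored):
    """Compare one incident's achieved RTO and RPO with the tier's objectives."""
    if not last_backup <= incident <= response_started <= restored:
        raise ValueError("timestamps out of order")
    t = TIERS[tier]
    rto = restored - incident      # clock starts when the incident occurs
    rpo = incident - last_backup   # data written in this window is lost
    return {
        "rto": rto,
        "rpo": rpo,
        "rto_met": within(rto, t["rto"], t["strict"]),
        "rpo_met": within(rpo, t["rpo"], t["strict"]),
        # What would be reported if the clock started at first response instead.
        "rto_met_if_measured_from_response": within(
            restored - response_started, t["rto"], t["strict"]),
    }

def worst_case_rpo(backup_times):
    """Largest gap between consecutive successful backups: the most data (in
    time) that a disaster just before the next backup would lose."""
    times = sorted(backup_times)
    if len(times) < 2:
        raise ValueError("need at least two backups")
    return max(b - a for a, b in zip(times, times[1:]))

# Constructed sample data for a hypothetical Tier-2 application.
DAY = datetime(2023, 3, 31)
SAMPLE = evaluate_incident(
    "tier-2",
    last_backup=DAY.replace(hour=8),
    incident=DAY.replace(hour=10, minute=30),
    response_started=DAY.replace(hour=11),
    restored=DAY.replace(hour=11, minute=45),
)
# Backups every 4 hours, but the 12:00 job failed and left no restore point.
SCHEDULE = [DAY.replace(hour=h) for h in (0, 4, 8, 16, 20)]

if __name__ == "__main__":
    print(SAMPLE)
    print("worst-case RPO:", worst_case_rpo(SCHEDULE))
```

The sample incident misses the Tier-2 RTO even though the repair itself took under an hour, and the single failed backup job doubles the schedule's worst-case RPO.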

To create these tiers, an organization would need to closely examine their applications and services to identify which drive the business, generate revenue, and are essential to operations. This is called business impact analysis (BIA), and it all comes back to – you guessed it – metrics.

Lower Your Disaster-Related Downtime with Thrive

Once you’ve ranked your applications and services to determine the impact they will have on your business, you may be looking for a way to protect them after a disaster strikes. Look no further than Thrive. We offer a safe and secure path to the cloud, with bundled or customized options, and are hyper-aware of the devastating effects of disasters and downtime. That’s why we:

  • Are located away from coastlines, outside flood zone/wind-blown debris zone in CAT 3–CAT 5 Hurricane-rated structures with fire protection
  • Use redundant N+1 generators, Uninterrupted Power Sources (UPS), and Computer Room Air Conditioning (CRAC) Units
  • Use dual authentication security (HID, PIN, and/or biometric), motion security cameras, and have alarmed man-traps

With Thrive, your data is safe. Contact the experts at Thrive to discuss your disaster recovery plan options.