In a Microsoft blog article published August 27, the software giant announced Outlook clients older than Outlook 2013 SP1 (with latest fixes) will be blocked from connecting to Microsoft 365 services after November 1, 2021.
“After November 1, 2021, only Outlook 2013 Service Pack 1 (with latest fixes) and later will be able to connect to Microsoft 365 services.”
This follows on from Microsoft ending support for older versions of Microsoft Office such as the once hugely popular version Office 2010, which ended October 13, 2020.
But what does this really mean?
Well, for organizations still running Outlook/Office version older than Office 2013 SP1 (with latest fixes), and with mailboxes in Office365/Exchange Online post-November 1, users will no longer be able to access their mailboxes via the Windows desktop client.
This highlights Microsoft’s commitment to securing access to the Office 365 platform, ensuring companies progressively upgrade their desktop software to later, more secure, and feature-rich versions.
For most organizations, whose mailboxes are in Office365/Exchange Online, typically a subscription covering the Office365 desktop application suite ensures users always have access to the latest version of applications.
Having a patching schedule and software life-cycle in place is crucial to maintaining IT Security. It’s worth noting that Microsoft no longer supports older versions of Office, but some smaller organizations without an internal IT department or a Managed Service Provider (MSP) to manage technology might not have a software life-cycle policy in place. And at the time of this article, Microsoft no longer supports Office versions earlier than Office 2013 15.0.4971.1000.
Read more: Mastering Microsoft Teams.
So, what next?
For those organizations who are using Office365/Exchange Online for mailbox hosting only, and using older and unsupported versions of Outlook/Office what upgrade paths are available?
Upgrade Path: Office 365 Subscription
A recommended solution would be to ensure employees whose mailboxes are in Office365/Exchange Online and require the Office desktops application suite are covered by a relevant Office365 subscription. This will ensure employees always have access to the latest version of the Office365 desktop applications. Including the latest features!
Upgrade Path: Retail Version
If an organization is running a retrial version older than Outlook/Office 2013 SP1 (with latest fixes), and for internal company reasons don’t want to upgrade to a more expensive Office 365 subscription, a retail version can be purchased. The latest retail version of Microsoft Office at the time of this article is Microsoft Office 2019.
Upgrade Path: Office 2013
If an organization is running Office 2013 and doesn’t want to upgrade to a more expensive Office365 subscription, ensuring the software is always updated to the latest version will prevent users from losing access to the mailboxes. But keep in mind that at the time of this article, Microsoft is ending support for Office 2013 on April 11, 2023.
Read more: Get to Know Microsoft’s New Office App.
Questions about Microsoft Office and your firm’s security? Contact us today to speak with our IT security experts.
Backup vs. Replication: Opposing or Complementary?What is Veeam Backup? What is Veeam Replication? Which solution is best for your business and why? Let’s find out!
Veeam Backup & Replication is the foundation of the Veeam Platform, providing backup, recovery, and replication for your critical workloads including VMware, AWS, Microsoft Azure, Windows, Linux, enterprise apps, and much more.
But why do you even need backup and replication, you might ask? Here’s why…
The Achilles heel of information technology has always been the non-physical nature of data records. Electrons can disappear in startlingly large quantities in less than the blink of an eye. This can happen with a simple user error, by clicking on the wrong menu item for instance, or through sophisticated attacks such as ransomware, which encrypts your data, effectively scrambling it beyond recognition or usability — unless you pay to have it de-encrypted. Then there are natural disasters, like fires, floods, tornadoes, etc. Although, these latter threats are arguably more dangerous to physical files than they are to electronic data given the relative ease with which electronic data can be protected. That is why even before the modern information age, keeping backups of critical data has always been essential.
Learn More on Thrive’s Disaster Recovery as a Service
What’s a Backup and how does it work?
A backup is a copy of a set of data or a full system that is made at a specific time and stored away, either on the business premises, at an offsite location, or in the cloud — or some mix of the three. A backup is time-bound. Even seconds after it is made, a backup will no longer represent the existing live data set, which is continuously changing. For many kinds of data, this isn’t a problem. Sometimes it is even an advantage. For instance, in the case of a ransomware attack where the entire data store has been compromised, having a clean backup of your data and systems taken from a point in time before the infection is the only way to recover from the attack.
A Veeam Backup makes a point-in-time archive of all the files, settings, snapshots, binaries, and configuration files that make up a virtual machine (VM) or system. This archive is stored in a single file (*.VBK) that is often compressed and deduplicated to save disk space. Completed backup files give the business a point in time from which to recover any files that are associated with a system or application. If backups are completed with regular frequency, they can be very effective at preventing data loss entirely and at recovering data in the event of accidental or purposeful deletion. Backup provides a very strong RPO (Recovery Point Objective) solution. Veeam also provides Veeam Cloud Connect, which enables the capability to make backup copies offsite to a Cloud Connect Service Provider to ensure offsite and ransomware protection for backups.
Get the latest Insights on Ransomware
What’s Replication and how does it work?
Replication makes a copy of a running Insightsng virtual machine and then synchronizes updates from that running VM at regular intervals so that the replica is ready to run with the most current information should the need arise for a failover. The content of a replica changes with each new synchronization. Failover can take place very rapidly and often results in little to no downtime for the business and a very low RTO (Recovery Time Objective).
In today’s virtual environments, where critical services such as e-commerce and supply chain are being provided to customers, or where automated manufacturing and smart processes generally rely on instantaneous access to changing data, the live nature of the data is critical. In case of a failure of a primary system, it is essential to have a failover to a redundant system that can immediately restore the service. In this case, more than the data is replicated. The virtual machines, as well as the underlying network, have to be replicated so that services accessing a given IP address will continue seamlessly. Again, the replication may be on the enterprise premises, in a physically distant alternate location, or in the cloud – or some mix of the three.
What are the differences? Backup vs. Replication
Now that we have discussed the importance and the process of replicating and backing up your essential business systems and data, let’s talk about the differences between the two. When it comes to backup and replication, the most frequently asked question is – do you need one of these solutions, or do you need both?
The two terms, Backup and Replication, are often used interchangeably, but they aren’t the same thing. Sometimes they are presented as alternative ways to protect your systems, as if you must choose one or the other. The thoroughness of the replication solution sometimes makes enterprises believe incorrectly that they can dispense with backups since there is always one or more replications of the live data store at any time. However, this misses the point that data that is corrupted or lost is also replicated in the failover system. If an employee hits the wrong key or a ransomware attack encrypts data in the primary system, it will be replicated through the redundant systems based on the replication frequency. Because of the trend towards Continuous Data Protection (CDP) and low recovery point objectives (RPO) for frequently replicated systems, it is also essential to have historical backups with longer RPOs.
So, for most businesses Backup and Replication are both essential and you should employ them together to ensure that you have a full data protection and disaster recovery plan. What mix of replication and backup your business needs will depend on the nature of your data and the role it plays in your business. The required availability of systems and the budget you have for disaster recovery will also play a role in these decisions. More critical and frequently changing systems will be stronger candidates to add replication, but will also add cost to the solution. Options for failover may also exist to balance costs including both “Warm” and “Hot” (high availability) Disaster Recovery as a Service (DRaaS). A good DRaaS provider will be able to provide a cost-effective solution to meet your managed disaster recovery requirements while ensuring that both replication and backup processes are provided to balance availability with data protection.
Partner with Thrive for Veeam Backup, Recovery, and Replication Services.
As businesses pursue digital transformation strategies that integrate data across their internal silos for end-to-end data-driven processes, they will have to consider replication for either partial or full failover scenarios, as well as complementary backup services. As your DRaaS partner, Thrive works with you to determine what mix of backup and replication makes the most sense for your business operations. We will help you to analyze the role that your data plays in your business and assess the cost of data loss vs. the cost of the disaster recovery effort. And, if your business needs it, we will design an appropriately scaled DRaaS solution to ensure that your essential services are restored and up and running before your customers have even noticed.
About Thrive
Thrive is a trusted global provider of comprehensive cloud, data protection, and security services.
Since 2001, Thrive has provided these robust and secure Managed Cloud and Disaster Recovery solutions from a scalable multi-tenant infrastructure, supported by our first-class in-house technical team. Thrive delivers highly flexible and responsive solutions with outstanding value and service, using state-of-the-art technology to offer ultimate protection and peace of mind.
We are driven to be your trusted partner and to ensure that we deliver a Thrive Experience that meets your business requirements with the reliability, scalability, and support that your business demands.
Have questions? Contact Us!
Related Services
High-availability replication and DRaaS
Rapid Replication, Failover, Multiplatform Replication
Veeam Cloud Connect
Veeam Appliances
Warm Site and DRaaS
VMware Hyper-V and Nutanix
Veeam BaaS and DRaaS Solutions
Veeam Platinum Cloud Service Provider (VCSP)
A cyber attack can take mere minutes, or even seconds, to compromise endpoints. In the face of these growing threats, current signature-based antivirus and anti-malware products can struggle to keep up.
Cyber security teams can no longer rely on first-generation endpoint detection and response (EDR) tools to respond to the fast pace of today’s threats. Aging EDR tools can also be difficult to maintain and drive up security operations costs. What is the answer? Every organization should have a signatureless endpoint security solution that protects servers and workstations from advanced threats.
Thrive’s Managed Endpoint Security and Response, powered by Fortinet’s FortiEDR platform, offers real-time, proactive security across all devices covering legacy and current operating systems. With the right EDR tool in place, organizations have the ability to prevent the theft of data and intrusion of ransomware, automating response and remediation procedures to give security teams a more effective, time-saving solution.
EDR: The Better Solution
Traditional antivirus tools may provide an alert during an attack, but it is often too late for security teams to react and prevent data theft or an intrusion. EDR tools such as FortiEDR use threat intelligence to monitor suspicious behavior, taking a proactive approach to cyber security.
An antivirus alert may help to an extent, but EDR tools such as FortiEDR provide the “why”, analyzing issues so a security team discovers the root cause of an attack. This allows security teams to track unwanted behavior from the initial incident all the way through remediation. FortiEDR also provides automated attack surface policy control that discovers rogue devices and reduces the attack surface through risk-based proactive policies.
FortiEDR’s next-generation antivirus (NGAV) uses machine learning capabilities to protect critical data and prevent breaches, ensuring business continuity even if a device is compromised. With threat protection both pre- and post-infection in real time, organizations have the capability to shut down entry points commonly used by hackers to compromise critical systems.
Thrive’s Endpoint Detection and Response Provides Peace of Mind
Thrive’s Managed Endpoint Detection and Response service offers proactive, real-time automated security with incident response across all devices covering current and legacy operating systems. If a suspicious event is detected, alerting is provided to Thrive’s Security Operations Center 24X7, so immediate remediation steps can be taken.
FortiEDR provides security analysts with detailed malware information pre- and post-infection, so analysts can take the required steps to secure the endpoints with minimal disruption to end users. The playbook-based system allows security teams to put in place a consistent incident response, using security resources only as needed. Instead of the entire team responding to potentially false alarms, automated, real-time incident response allows your entire security team to focus on isolating devices, terminating malicious processes, and deleting malicious files.
Thrive’s Managed Endpoint Security and Response services allow for business continuity if a hack or security event occurs. Keeping systems online and saving time and money, this service protects endpoints and critical data.
To learn more about Thrive’s EDR solutions, get in touch with our team today!
Thrive completes Cyber Essentials Plus certificationThrive is delighted to now be Cyber Essentials Plus certified as part of the Government’s business cybersecurity initiative.
The certification process is a welcome opportunity for us to validate our approach to securing our own business information and that of our clients.
Whilst no security strategy can stop 100% of attacks, the aim is to mitigate the risk as much as possible from common threats and CE Plus certification demonstrates our commitment to doing just that. The time we take to ensure we are certified should also reassure our clients that we take cybersecurity seriously and provide confidence to our staff that they are working in a safe, secure, and compliant environment.
ONI Achieve MS Gold Competency in Communications and Project & Portfolio ManagementTuesday, 3rd August 2021, Luton. Thrive is pleased to announce that they have achieved MS Gold Competency in both Communications and Project & Portfolio Management.
With the competency recognition in Communications, Thrive has shown its ability to design, deploy and manage Unified Communications and Collaboration solutions based on MS Teams.
With the additional competency in Project & Portfolio Management, Thrive has demonstrated its ability to design, build and deploy enterprise-wide project management solutions based on Microsoft project solutions.
“This is a great accomplishment that we are pleased to have achieved. It enables us to offer a wider set of skills and services to our customers moving forward.” Commented Phil Cotterill, Sales Director, Thrive European Division.
With a rich heritage in providing unified communications and collaboration solutions, this accreditation enables Thrive to extend the solutions it delivers and manages to its customers across the full capabilities of MS Teams.
In a similar manner, Thrive is well versed in helping customers to manage complex projects and change programmes. This competency in Project & Portfolio Management enables the team to assist customers to leverage the full power of the Microsoft toolset.
“At Thrive we continually invest in skilling our people to ensure we provide a comprehensive range of services and solutions that align to the needs of our customers. These accreditations continue to demonstrate Thrive’s high degree of competence in the collaboration and project management space that has enabled us to deliver significant value to our customers over the past three decades,” said Cotterill.
Return to the Office Part 2: Is Your Security Strategy Up to Date?In Part Two of our series, we explore why IT teams must prepare for employees’ return to the office, and how to ensure they can continue to work safely from any location.
Over the last year, companies and employees have adjusted to a changing work landscape. As many transitioned from the office to a remote work setup, it presented challenges for organizations everywhere. Now, as more and more workers return to the office, IT teams must be prepared to take the steps to protect every employee and every device.
The pandemic moved workers from the corporate network to the great unknown of unsecured home networks, which presents issues for employees returning to the office. Is your IT team prepared for employees to return to the office in a full-time or hybrid role, while continuing to support the needs of those working remotely?
It’s important that IT security strategies evolve and change. The return to the office will be less rushed than the quick shift to remote work, but attention must be given to this latest pivot.
Preparing for the Return to the Office
Many employees have been away from their office for over a year. If their devices haven’t been properly maintained, it can lead to security concerns upon the return to the office. IT teams may have adjusted to allow employees to log in via Virtual Private Network (VPN), so work could be completed from just about anywhere.
As employees return to the office, every device on the corporate network must have the latest patches and updates. This includes not just the laptops that may have been in use during this time, but also the routers, printers, and other devices left behind in the office that were powered off for the last year. A health check can promote network security, and ensure the IT staff has the opportunity to certify every device and update it with the latest hardware, software, and antivirus protection.
Bad actors can sit around for weeks or even months, waiting for the opportunity to attack. Attackers understand where weaknesses exist, and seek to exploit them when most convenient. There’s no better time for malicious attackers to strike than the moment dozens of devices come back from unsecured home networks, ready to infiltrate the corporate network with malware. Thankfully, there are now next-gen solutions designed to prevent and mitigate attacks.
Building a Forward-Thinking Technology Infrastructure
As organizations rushed to provide employees with the equipment needed to work from home, they may have had to make compromises in terms of security. Traditional antivirus software no longer provides the necessary protection against today’s sophisticated hackers.That’s why every organization should have Next-Generation Antivirus (NGAV) protection. NGAV is smarter than traditional antivirus tools, using machine learning and AI to detect even the smallest of changes to files and applications. When combining NGAV with endpoint detection and response (EDR), it’s easier to detect suspicious activity and mitigate an outside attack.
Legacy antivirus products slow endpoints down, and don’t provide the same protection as NGAV. Implementation of NGAV on the Cloud has no impact on endpoints, and there’s no need to procure additional software or hardware to protect devices.
The use of multi-factor authentication (MFA) has increased in the last year, too. Multi-factor authentication adds an additional layer of protection via a security question or combination of information only the user has the answer to. This makes it harder for hackers to infiltrate company networks to access sensitive data.
Now, more than ever, cyber liability insurers are looking into business continuity plans and organizations’ security resources. Some insurers may even deny coverage if best practices such as MFA, EDR, and NGAV aren’t in place. That’s why it’s important to ensure that your IT security strategy is prepared for employees’ return to the office, while also balancing the needs of those who will continue to work from home.
Thrive can build the cyber security solution that best fits your organization. If you’re preparing for a return to the office, get in touch with our team to ensure everyone in your organization can work safely and efficiently, no matter where they log on from.
Return to the Office Part 1: How COVID-19 Has Transformed Cyber Security ForeverIn Part One of our series, we explore how COVID-19 has changed cyber security, and what the long-term effects will be.
The COVID-19 pandemic accelerated business changes and how organizations operate on a daily basis. It also led many organizations to review their technology infrastructure and cyber security practices, as employees transitioned to work-from-home, bring-your-own-device, and hybrid work set-ups.
In the cyber security world, an accelerated digital transformation certainly can be seen as a positive, but it must be done in a manner that protects the organization and all end users. In many ways, COVID-19 has transformed cyber security forever, as temporary actions now have become permanent strategies.
What exactly is the “new normal”, and what cyber risk and mitigation measures can a business take to protect themselves? Here are some of the ways COVID-19 has changed the way we think about cyber security.
Work From Home: Here to Stay
There’s a case to be made for an increase in Cloud-based cyber security services, due in part to the number of people working from home. Many will continue to work from home for years to come. According to a survey by Tessian, 47% of people working in the technology industry reported clicking on a phishing email at work. And, 43% of people reported making an error that had security repercussions.
Without the protection of firewalls in the office, many end users are seeing an increase in cyber attacks. If a home Wi-Fi network doesn’t have proper security protocols in place, this can also lead to security concerns. The increase in BYOD (bring-your-own-device) has led to new concerns, as well. As more employees use personal laptops, phones, and other devices to access sensitive corporate information and other important data, it can leave organizations at risk.
Hackers will continue to adapt and develop new malware to breach systems. Businesses must be prepared to support a global workforce regardless of where and what device the end user logs on from.
More Training: A Must
Going hand-in-hand with the move from the office to the living room, it’s clear that more training than ever is needed to protect end users and the organization as a whole. As has been said in recent years, human error is every organization’s biggest cyber security threat.
Pre-pandemic, employees may have provided access to files or information to those who should not have had access. Or, a USB drive may have “accidentally” come from the office to the home and back again, not properly protected, putting critical information at risk.
IT systems must continue to adapt to workplace changes as more people work from home. Single-sign on and multi-factor authentication can be solutions, but training should be a valued piece of the process, too. Providing training for employees on phishing attacks and breaches can help them better understand the current cyber landscape.
The Cloud: No Longer an Option, But a Necessity
Organizations tend to purchase security tools they believe are doing the job. However, these tools aren’t always talking to each other, which can actually hamper the implementation of a comprehensive business cyber security plan.
Adding new tools may end up having an undesired effect, which hackers understand and look to exploit. If gaps exist between tools and weaknesses are found, breaches can (and likely will) occur. Plus, if vendors make upgrades while organizations don’t follow, security issues may increase.
On-premise solutions served organizations well for years, but the Cloud is built on the promise of scalability and adaptability. The Cloud provides a level of security not found in on-premises solutions, and helps streamline software, so no tool is left behind.
Thrive is here to be your partner in cyber security. Contact us to learn more about our services today!
Google Workspace Price Increase: Finding the Best Cloud Storage SolutionAdditional contributions to this blog were made by Brad Chase, Senior Director of Sales, SkySync
Following a late-2020 rebranding, Google recently announced price increases for its Workspace product. For many businesses, reducing costs was an important reason to consider products like Google Workspace (formerly GSuite) in the first place.
Now, with price increases taking effect, organizations may have a decision to make about Cloud storage providers. As prices change and limits on storage evolve, it’s easy to understand why businesses may be rethinking their options. While Google Workspace and Office 365 represent the two largest Cloud storage providers on the market, businesses may utilize several other providers such as Box or Dropbox, too.
Does it make sense to continue to utilize all of these services? Is migration the right path forward? The recent Google Workspace price increase may be driving migration thoughts for businesses, as they look to avoid potentially costly contract renewals.
Migrating to a Cloud Storage Platform
The COVID-19 pandemic shone a spotlight on the need for organizations to have collaboration and productivity tools at the ready, to support those in the office and those working remotely. Every business will have a choice to make when it comes to selecting a SaaS solution capable of driving seamless collaboration.
With costs rising, migrating to a more cost-effective Cloud storage solution is front of mind for many organizations. For some, this means eliminating redundancies and moving everything to a platform that may already be an option within the organization. Microsoft Office or Google products that go beyond file storage and sharing may already be in use, which provides the option to upgrade to Office 365 or Workspace more easily.
Comfort can end up playing the biggest role in the decision-making process. If installable apps are the biggest driver, Office 365 may be the best fit. Google Workspace, meanwhile, brings everything online with its browser-based approach.
Evolving workforces are accelerating enterprise organizations’ move to the Cloud, particularly the world of Cloud SaaS. Workspace, Office 365, and other Cloud offerings offer shared team storage and Cloud storage for remote workers to use more easily.
Finding the Right Cloud Storage Fit for Your Organization
In this day and age, every organization deserves a SaaS offering that delivers collaboration, business productivity, and streamlined communication. Since the turn of the century, Microsoft became well-known for providing organizations with on-premises technology stack solutions.
However, with the emergence of Cloud-hosted SaaS technology, vendors like Box, Dropbox, and Google capitalized. Business users no longer required IT-sanctioned solutions; they could embrace the most intuitive platform that helped them do their job. The multi-Cloud ecosystem took off.
With Office 365 subscriptions serving a core growth vertical for Microsoft, this loss in market share served as a wake-up call. Culturally, they shifted towards a customer-focused model that prioritized technology adoption and business stakeholder engagement beyond the IT department. Technologically, Microsoft prioritized OneDrive for Business enhancements and launched the innovative, unified collaboration product known as Microsoft Teams.
Microsoft Office 365 carries a familiarity factor, as its suite of apps has been a favorite of on-premises offices for years. For enterprise organizations that have grown out of the need for Box and Dropbox, Office 365 is the Cloud SaaS solution that closely matches what everyone is used to from its on-premises capabilities.
Whether utilizing Office 365, Google Workspace, or another Cloud storage system, Thrive can assist with handling your storage solutions. Now is a great time to take a closer look at your data landscape, to see where redundancies can be found in an effort to avoid Cloud storage price increases. Not sure where to start? Get in touch with the Thrive team today.
Information Technology Acronyms You Need to Know: Part 2In a recent blog, we took a closer look at some of the IT acronyms that we believe are the most important. But, why stop with just seven?
In part two, we’re sharing a few more information technology acronyms that should be well-known, describe them, and explain how they impact your organization.
EPP: Endpoint Protection Platform
Focusing on prevention, an Endpoint Protection Platform is capable of providing security and blocking malware on end user devices (or endpoints), such as mobile devices, laptops, and related workstations. An Endpoint Protection Platform is a traditional anti-virus solution, and while it may solve some of the issues on the front lines, it should be paired up with Endpoint Detection and Response (EDR). While an EPP can prevent traditional malware, ransomware, and zero-day vulnerabilities from reaching devices, Thrive’s Managed Endpoint Security and Response offers real-time response and a more reliable security solution for organizations.
MDM: Mobile Device Management
As enterprises experience an increase in end users utilizing mobile devices to handle certain tasks, it is important to have a Mobile Device Management solution in place. If devices are left unsecured, it may expose corporate data and other vital information. As the workforce evolves, an integrated Mobile Device Management solution ensures compliance for devices and workstations. Thrive offers a targeted solution that provides comprehensive control over mobile devices within an organization on one platform.
SSO: Single Sign-On
Single sign-on software allows users to access more than one database or application with one standardized set of credentials. SSO software is meant to provide simplified access to applications or programs without having to log in multiple times. Not only do SSO products improve ease of use for users, but IT administrators and developers will also enjoy centralized access management. Thrive ensures single sign-on software is properly implemented, with secure access to applications and data for users.
MFA/2FA: Multi-Factor/2-Factor Authentication
Multi-factor and 2-factor authentication, often used interchangeably, requires a user to provide multiple forms of verification to access an application or resource. 2FA is a subset of MFA, but maxes the number of factors at two, while MFA can be two or more. While an application or website requiring a password may seem safe, passwords are often far too easy to guess. Multi- or two-factor authentication may require a user to enter a pin from their phone, or provide a fingerprint verification to gain access to the application. One-time passwords (OTPs) are often used, too, which may be sent via email, text, or through a mobile app. If your organization requires users to access a corporate VPN or cloud-based application, MFA/2FA should be a part of your business strategy.
RPO: Recovery Point Objective
RTO: Recovery Time Objective
Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are critical parts of any organization’s business continuity and disaster recovery plans. RPO defines the goal related to the maximum amount of data (measured by change over time) that may be lost just prior to the disaster. RTO defines the approximate or maximum time until the data and/or systems can be accessible again in order to continue business operations. RPO and RTO are parts of a business continuity plan, which is designed to help organizations understand where data is stored and who has access to it.
For more information about Thrive’s NextGen managed services, be sure to contact our experienced team today!
RSA Conference 2021: Important Lessons from This Year’s MeetingThe 2021 RSA Conference certainly looked a bit different this year, as top cybersecurity professionals gathered virtually for keynotes, interactive programs, seminars, and tutorials.
Now that we have had the time to digest the information from sessions on privacy, machine learning and AI, analytics, risk management, and governance, we thought it would be important to share some of the key takeaways from this year’s conference, how Thrive is working to implement new strategies, and what it all means for your organization moving forward.
Asset Management is Growing
IT asset management is essentially the process of ensuring that all business assets are properly accounted for, maintained, upgraded, and replaced in a timely fashion. IT assets may include hardware, software systems, and mobile assets. With the increase in Cloud usage in recent years, that also plays a role in asset management.
Within a single organization, there may be desktop computers, monitors, laptops, all different kinds of software, and even items like printers, scanners, and copiers. IT asset management is becoming more and more necessary, as companies must keep up with what needs to be protected. The proliferation of Cloud services and increase in work-from-home setups post-COVID only makes this more challenging.
Thrive offers asset management solutions that reduce costs, improve compliance, and provide increased control over IT assets.
Security Awareness Becomes Security Appreciation
Sentiment is growing that some security awareness training platforms aren’t executing on the value that was hoped for. The general consensus is that end users will need to appreciate the need for security, instead of simply being aware of it. So, how can an organization ensure that end users are up to date with the latest security trends?
Many security awareness solutions are going back to the drawing board to make training more personal and engaging. When employees care about the security of company data, the overall security posture within an organization increases greatly.
Social engineering, phishing attacks, and credential theft will impact businesses for years to come. Thrive’s Cyber Security Bundle offers training through simulated phishing attacks, along with interactive videos that engage the end user and help them gain a better understanding about security posture.
AI and Machine Learning as an Attack Vector
Preventing ransomware is top of mind for chief information security officers. As security teams leverage off-the-shelf AI and machine learning tools, many security experts believe attackers will fight fire with fire, and we may see AI systems compete against one another. Data poisoning attacks against the machine learning technology used in security software could put many organizations at risk.
AI and ML rely on data and algorithms produced over time, and it’s what makes this technology so useful in preventing ransomware attacks. However, if threat actors can gain access to software, they can manipulate the AI and ML in ways that make it difficult to detect and react to.
Thrive partners with IT teams to implement Cloud-based Disaster Recovery as a Service (DRaaS) solutions, with 24x7x365 monitoring that protects critical systems and data.
Ransomware Everywhere
In the next 24 months, it’s expected that smaller-scale ransomware attacks on IoT and mobile devices will increase. Imagine a phone is taken over, but for a small ransom, it can be unlocked. If attackers can find a backdoor into devices and demand smaller ransoms, these hackers can be successful. It is unfortunate, but with the success of ransomware in the enterprise, it’s likely to trickle down to consumers.
Of course, with many end users working from home, this can lead to interruptions to work, particularly if a smartphone or tablet becomes unavailable. Thrive tailors cybersecurity plans for organizations, and includes protection for employees who may be utilizing BYOD (bring your own device) as an option. Thrive is prepared to tackle the cybersecurity issues of the present and future. For more information about our NextGen Technology services, contact us today!
Related News: Thrive Wins Coveted Global InfoSec Awards