The WannaCry Cyber-Attack: Could the Cloud Have Protected You?
The people you serve trust you—and you do not want to take any risk that will shake that trust. When you experience a breach, you put sensitive information at stake and compromise your ability to govern or provide services.
The WannaCry ransomware attack affected 150 countries. Anyone who was impacted is wondering one thing: What could we have done to avoid this? What could our IT department have done? Surely, someone must have seen this coming and known how to avoid it.
But the truth is this: Unless you wrote the program, there is not a lot you could have done.
Or is there?
You could have brought in white-hat consultants (hackers on the side of good) who would have been able to identify your vulnerabilities, then paid a lot of money for repetitive penetration testing on your systems. These consultants might have been able to identify the WannaCry issue before it hit, and your IT team could have patched all your systems. After all, how many computers do you actually have? It can’t be that big of a job.
But…that’s every single workstation and server. Plus, it needs to be done over a weekend. It IS that big of a job.
Another option was to have put the responsibility onto someone else…where it makes sense. Enter Microsoft and the Cloud. This is not about finding someone to blame; it’s about assigning an important task to the right party. You are in the business of serving your citizens, not the IT business, so you should not expect your internal IT team to have the technology, knowledge, and resources to protect you completely. You should rely on people whose are in the IT business to prevent and manage breaches.
Governments and agencies already in the cloud have experienced a Wow–I-never-thought-about-this benefit: patching SaaS (software-as-a-service like Office 365) and PaaS (Platform-as-a-service like Dynamics 365) solutions is not their problem. With its SLA (service level agreement), Microsoft provides a promise that their solutions will be operational, with defined downtime and security. If there is a problem, it’s Microsoft’s job to handle it. Additionally, when a ransomware or other attack occurs, Microsoft has a dedicated staff of professionals and the technology to ensure patches are applied, often before the general public knows about the issue.
But what if you don’t have Dynamics 365 or Office 365? What if you have an older version? Even in that case, you are hosting your solution in IaaS (Infrastructure-as-a-service), so the host controllers in the data center are keeping an eye on things for you. But you’re not completely in the clear. Since you’re running a VM (virtual machine), which has a Windows operating system, Microsoft can’t manage or monitor it for you—or notify you if there is a problem. You need a strong, qualified partner that can run your Cloud infrastructure as a Managed Cloud Service. Guarding against cyber-attack is where it should be—in the hands of the experts—so you can go about doing the business of serving your citizens.
- We cannot wipe out every hacker, so you will eventually deal with a data threat or breach. So, be prepared by trusting the task to the experts.
- Microsoft has invested billions into their data centers. They will be there, fixing problems quickly and efficiently—and ahead of you. If something does get past them, they have thousands of customers depending on them, so they will get it fixed fast.
- If you are in the cloud as an IaaS customer, a strong partner will deal with keeping everything up to date and watching out for hacks. They should have the resources to “follow the sun” to protect you 24/7.
Organizations in the public and private sector are taking advantage of the benefits of moving to the Cloud:
If this attack has you concerned for government, organization, and citizens, get out of the IT business with a move to the Cloud. Contact the Cloud experts at AKA Enterprise Solutions. We are a Microsoft Preferred Services Partner for Government and can help you architect and execute a plan that will ensure a smooth transition and a safer place for your citizens.