You can often get into surprise elements when moving into the cloud. If you don’t feel confident, find a vendor that you can trust. A good way to evaluate a vendor is getting recommendations. Going through reviews or asking for client recommendations are also a good way to proceed. Once you’re there, ask for a detailed bid – you’re less likely to run into surprise costs.
Dividing The Overall Tasks
Cloud migration is a daunting task involving almost every business function and not everything can be stopped in case any issues come up during the migration process. Therefore the best approach for a business is to build in milestones where it would be possible to temporarily stop the migration for whatever reason.
Everybody will agree here that cloud is considered a reliable and secure place to store data, but contrary to this, the migration process isn’t easy if you don’t have the right kind of developers/experts to channel you through the process. Every service provider offers a certain set of tools to guide you through the process so that you can do it manually, however finding the right team will save you both time and money.
By migrating your business to the cloud, you open it up to anyone with online access. One should carefully plan and place necessary tools to enhance the security aspect of the cloud platform specially from the user devices.
Know How It Works First
It is important that you know the platform inside out. Don’t move or use the cloud until you fully understand what is involved and how it works. It’s better to have a clear picture before you put your business into something you are not fully aware how it works, including how your information can be secured.
Consider The Application You Want To Use
Not every cloud application fits all. Depending on your cloud strategy and business objectives, the application might only solve certain parts of your migration or needs and not be flexible enough to transfer all of your intended data. Compare cloud applications. Weigh the costs, security, flexibility, storage, and the efficiency of the application before you decide to go with a specific solution.
Manage Every Step Of The Process
Migrating to the cloud is a big step and one that can have some positive effects on your business. However, such a major change also carries some risks with it. Do not think of it as flipping a switch and making the change all at once. Nor should you put all the responsibility on the shoulders of the cloud vendor. Take steps of your own to stay organized and maintain security.
Make Multiple Backups
We cannot stress this enough. Always copy your critical applications to cloud backups drives. The best strategy is to set up automated backups to multiple locations. These backups can and will save your business one day.
Since COVID-19 became a global pandemic and steps were put in place to contain its spread, more and more people have been forced to work from home. This transition requires many changes in how individuals and organizations operate and communicate, especially in terms of using computers, personal devices, and specific software that enables remote work.
At the same time, cybercriminals recognize that attacking home users is much easier as they are typically less secured outside their office, where security policies and measures are enforced (at least at some level). Yet to do their jobs, these remote workers need to connect to various servers and access and create confidential, sensitive documents and data from their less-secure home office environment.
The risk of losing important data or being compromised becomes much greater at home. That is why every remote worker should be prepared to secure his remote workspace. Here are five recommendations for securing a home office.
1. Use a VPN
Whether you are connecting remotely to company resources and services, or you are just browsing web resources and using telecommunication tools, use a Virtual Private Network (VPN). VPNs encrypt all of your online traffic to prevent hackers from capturing your data in transit.
If your company has a VPN practice, you most likely will get instructions from your admin or MSP technician. If you have to secure your working place yourself, use a well-known, recommended VPN app and service – they are widely available in different software marketplaces or directly from vendors. If you are in need of secure VPN, get in touch with us and we will help you with it.
2. Be wary of phishing attempts
As a topic, COVID-19 is already being widely used in all types of phishing attempts – and the number of such malicious activities will only grow. Every remote worker needs to prepare for the increase in phishing attempts by understanding and recognizing the threat.
Themed phishing and malicious websites appear in large numbers every single day. These typically can be filtered out on a browser level, but if you have a cyber protection solution installed on your work laptop or your company’s MSP delivers that protection with a solution like Acronis Cyber Protect Cloud, you are also secured by dedicated URL filtering. The same functionality is also available in endpoint protection solutions, although in Acronis Cyber Protect we have a special category related to public health which is updated with higher priority.
Of course, those malicious links have to come from somewhere, and they are typically delivered in instant messages, emails, forum posts, etc. Do not click any links you don’t need to click on, and always avoid those that you did not expect to receive.
These attacks also use malicious attachments to emails, so always check where an email really comes from and ask yourself are you expecting it or not. Before you open any attachment, be sure to scan it with your anti-malware solution, such as Acronis Cyber Protect Cloud.
It also helps to remember that the information you really want regarding COVID-19 or similar pandemics can be found from official sources like the World Health Organization (WHO), your national ministry of health, and state/local government agencies. Refer to those official agencies rather than opening links or emails from unknown sources.
3. Be sure to have good anti-malware up and running properly
Having a good anti-malware solution installed is a must nowadays. With Windows, where the majority of threats are targeted, the built-in Windows Defender makes it easier. It does a good job of stopping threats, although it still cannot match the top anti-malware products from security vendors.
Acronis Cyber Protect Cloud delivers many well-balanced and finely tuned security technologies, including several detection engines, so we would recommend it to use instead of an embedded Windows solution. Simply having an anti-malware defense in place is not enough, however. It should be configured properly, which means:
A full scan should be performed at least once a day
A product need to get updates daily or hourly, depends how often they are available
A product should be connected to its cloud detection mechanisms, in the case of Acronis Cyber Protect to Acronis Cloud Brain. It is active by default but you need to be sure that the internet is available and not accidentally blocked by anti-malware software.
On-demand and on-access (real-time) scans should be enabled and adjusted for every new software installed or executed.It is also important that you do not ignore messages coming from your anti-malware solution. Read these carefully and, if you use a paid version from a security vendor, be sure that license is active.
4. Patch your OS and apps
Keeping your operating system (OS) up to date is crucial, as a lot of attacks succeed due to unpatched vulnerabilities. With Acronis Cyber Protect, you’re covered with embedded vulnerability assessment and patch management functionality. We track all identified vulnerabilities and released patches, which allows an admin or technician to easily patch all their endpoints with a flexible configuration and detailed reporting.
Acronis Cyber Protect not only supports all embedded Windows apps, but also more than 40 third-party key popular apps including all telecommunications tools like Zoom or Slack, and a lot of popular VPN clients that are used to work remotely. Be sure to patch high-risk vulnerabilities first and use success reports to confirm that patches were applied properly.
If you don’t have Acronis Cyber Protect and do not use any patch management software, it is much harder. At a minimum, you need to be sure that Windows gets all the updates it needs and they are quickly installed – users tend to ignore system messages, especially when Windows asks for a restart. Ignoring these requests is a big mistake.
Also, be sure that auto-updates to popular software vendors like Adobe are enabled and such apps like PDF Reader are also updated promptly.
5. Keep your passwords and workspace to yourself
While this step has been mentioned many times as the top piece of security advice, during the response to COVID-19 it is doubly important to ensure your passwords are strong and known only to you. Never share passwords with anyone, and use different and long passwords for every service you use. Password management software makes this easier. Otherwise, an effective approach is to create a set of long phrases you can remember. And when we say long, we mean long, since the old eight-character passwords are easily opened by brute-force attacks now.
Also, even working from home, do not forget to lock your laptop or desktop and limit access to it. There are many cases when people can access sensitive information on a non-locked PC from a distance. Don’t assume you are protected simply because you are not inviting anyone you don’t know or trust into your home office.