The Importance of Business Continuity Planning for Microsoft 365 as Ransomware Attacks Spike

Imagine it’s the dead of night when, all of a sudden, you’re jolted out of your sleep by a flurry of buzzing and beeping from your phone. You wake up only to realize that you have just entered your worst nightmare after learning your company has fallen victim to a ransomware attack. While this is likely to cause some level of anxiety and fear for most, managed service providers who understand the importance of business continuity planning can breathe easier knowing they are prepared for such a disaster.

As an MSP, you see these situations play out every day. Now ask yourself, would you rather live in a world where you lose sleep every night because your business and livelihood are constantly at risk? Or one where you are confident in your cybersecurity posture? In this world, you never pay the ransom or experience significant downtime due to bad actors.

Sounds ideal, right? As it turns out, one difference between peace of mind and a world of worry is your business continuity plan.

Understand true business continuity and the primary goal of business continuity planning.

True business continuity involves a wide array of processes that primarily serve to uphold the essential function of your business during and after a disaster. Therefore, in the case of a cyber attack, the primary goal of business continuity planning is to map out a clear strategy for your business to follow in order to resume operations, and at the very least, mitigate the damage if system functionality is unable to continue.

The aim is to minimize downtime while at the same time ensuring data security and compliance with regulatory requirements. By and large, businesses that value the importance of establishing a business continuity plan find themselves able to meet these objectives. In contrast, businesses with lackluster continuity planning tend to be unprepared and go on to experience prolonged outages, with one report suggesting ransomware attacks account for an average of 23 days of downtime for most businesses.

There are many vendors with continuity solutions they claim will protect you against ransomware. Unfortunately, what’s advertised as “business continuity” won’t always keep your business going when an actual cyber-attack takes place. This phrase has become a buzzword and is often used inaccurately, and vendors can mislead well-intentioned MSPs into thinking they’re protected when they’re not. Reality hits when you must run a real-life recovery and realize you’re not getting the continuity you were promised.

MSPs have become a launchpad for ransomware, so your clients are only as safe as you are.

The reason why managed service providers are such a big target now is because they hold the keys to the castle. From the bad actors’ perspective, why target just one business when you can attack a collection of businesses with the same effort? There are a growing number of high-profile examples that illustrate this point. For example, the massive SolarWinds hack in 2020 or the more recent Kaseya VSA ransomware attack in July 2021.

That’s not to say that only large corporations need to worry about ransomware. While ransom payouts demanded from individual SMBs may be smaller, they can quickly add up to a hefty sum. Additionally, the scale of an attack on many different businesses can make it difficult for law enforcement to pursue and reach a positive resolution for those businesses.

When an MSP admin account is compromised, potentially, so is all client data. Now it’s not only your business that’s at risk but all of your clients’ businesses as well. The ransom goes up and so does the attacker’s leverage against you. Herein lies the critical need for a vendor who has your back with a product that delivers on its business continuity promise.

Despite the growing number of attacks, still far too few managed service providers implement a business continuity plan. Without this crucial step, MSPs aren’t equipped with the end-to-end recovery process knowledge necessary to keep business moving when disaster inevitably strikes.

That’s why Ancient is exclusively focused on the MSP channel in order to provide our MSP partners with a complete portfolio of business continuity services designed to empower MSPs with the industry-leading tools and knowledge needed to safeguard critical business infrastructure.

Our motto is protect everything, and that includes one of the most susceptible, and widely used tools, Microsoft 365. While many businesses rely on Microsoft 365 for their day-to-day productivity, they may not be aware that it comes with little protection against data loss or business interruption. In fact, because Microsoft provides no guarantee against data loss and only retains deleted data for 14 days, they themselves suggest customers use a third-party Microsoft 365 backup solution.

Ransomware just attacked your Microsoft 365 backup! Now what?

Let’s play that imaginary game just one more time. In this world, your client’s Microsoft 365 data has been compromised! The bad actor wants to compromise all of their email and OneDrive data, , but thankfully, they can’t.

Because you already know the importance of business continuity planning, you made the smart decision to protect your clients with x360Cloud, which provides true business continuity with flat-fee pooled storage and secure long-term retention (no need to delete anything, ever; unless of course for compliance purposes). x360Cloud backs up everything in your Microsoft 365 instance – including all licensed and unlicensed users’ Exchange, OneDrive, SharePoint, and Teams – so you can always recover anything and everything the moment you need it most.

The x360Cloud user-friendly interface enables full text and rich search so you can instantly find the infected data and recover it at any point prior to infection. Within seconds, you go from full panic meltdown to utter relief. You quickly see the value of true business continuity and can safely return to the world of sleep-filled nights and peace of mind.

Try x360Cloud for yourself (no credit card required, no obligation) as part of our free 14-day trial.

About the Author: 
Matt Dugan // Former Senior Group Product Manager, Axcient

As the former Senior Group Product Manager for Axcient, Matt Dugan led the SaaS product group at Axcient that includes the X360 Portal, the file sync and share, and the Microsoft 365 backup products. Matt was on the Axcient team for seven years and has spent the last decade working in data protection.


More Great Stuff From Our Blog:

Check out some other interesting pieces from our blog: MSP-friendly resources and tools to help MSPs educate clients to combat phishing attacks and Fight the Phish!, we dove into how chain-based backup works and why chain-free is the way to be, we talked with Jason Phelps from Huntress Labs about planning for the next ransomware attack, our CEO David Bennett explains why the current cybersecurity landscape means traditional backup is dead, or learn how you can ditch pricey on-site appliances with Local Cache for Direct-to-Cloud BCDR.