Think Microsoft Security Is Enough To Protect Microsoft 365 Data? Think Again.

COVID-19 has forced many of us to work from home (WFH). Some are using their home computers and accessing their Microsoft Windows Desktop, along with their Microsoft 365 accounts, through VPNs and RDPs. Managed Service Providers (MSPs) that don’t enable a robust Microsoft 365 protection solution are leaving the door open for data breaches.

The Threat Is Real

Cybersecurity experts already had predicted that 2020 was going to be worse for ransomware, phishing emails, and other threats before the COVID-19 pandemic. Now that the pandemic has disrupted the world economy, threats are expected to be worse.

According to Forbes, the largest ransomware attack in history could be on the horizon within the next six months. Author Stephen McBride, who works as a risk analyst searching for rogue activity, explains:

The more devices connected to a network, the larger its attack surface grows, making it easier for hackers to infiltrate the network. (…) Practically every employee in every firm in America is working from a makeshift desk on their kitchen table. Firms only had days to cobble together remote work plans. So you can bet most didn’t set up secure systems(…).

With that in mind, MSPs should ask themselves: Are we secure?

Microsoft Alone Is Not Enough

The Redmond, Washington-based company takes no liability for data loss. Section 6(b) of Microsoft’s Services Agreement clearly states:

We strive to keep the Services up and running; however (…) Microsoft is not liable for any disruption or loss you may suffer as a result. (…) We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.

Unfortunately, backups don’t always happen. A quick Google search will reveal thousands of data breach victims—some of them at MSPs.

The Cost of Vulnerabilities

Cognizant, a Global Systems Integrator (SI) MSP, recently suffered a Maze ransomware attack. Although Cognizant has recovered and the breach did not affect its customers, what it did affect should be a wake-up call to those MSPs relying on Microsoft for Microsoft 365 protection.

The malware infected the company’s system that was supporting people WFH. It also infected company laptops it was provisioning for WFH enablement. Cognizant had to shut down its billing system for a while, and conversations with its partners didn’t go well because it would not reveal the source of the attack.

As a result, Cognizant could take a US$70M hit, according to its own forecast.

Axcient Microsoft 365 Protection

Because more than 30% of small- to mid-sized organizations have migrated their on-prem Microsoft Exchange servers to Microsoft 365, Axcient provides CloudFinder as part of its x360 Platform to ensure data stored in the cloud is fully protected. With Axcient CloudFinder, MSPs can:

  • Provide a complete backup and restore solutions for Microsoft 365, including Mail, Contacts, Calendars, OneDrive, SharePoint, and Teams.
  • Use the full-text SmartSearch for to quickly find specific emails or files and quickly perform non-destructive restores.
  • Remain compliant with government regulations, such as the Health Insurance Portability and Accountability Act (HIPAA).
  • Transfer and store backup data securely in the Axcient Cloud, which earned an “A” rating from SecurityScorecard.
  • Receive exclusive service and support as an Axcient partner, which only sells to Managed Service Providers (MSPs).

CloudFinder guarantees your Microsoft 365 data remains secure. Independent studies have verified our backup solutions work. With innovative features such as AirGap, The Channel Company recently recognized Axcient for having one of the most rewarding partner programs through the IT Channel.

Use Axcient CloudFinder as your last line of defense against malicious attacks that ransom or destroy your production Microsoft 365 data to keep your customers’ businesses running.

About the Author: 
Matt Saxton // Technical Marketing Writer in Product, Axcient

Matt works remotely from Mount Vernon, Ohio, as a Technical Marketing Writer for Axcient. He was a journalist for nearly 20 years prior to switching careers and was the managing editor for three newspapers. His experience also includes working as an IT Director, Content Developer, and Production Manager. When he’s not researching or writing about cybersecurity, Matt enjoys time with his family and pets, gardening, photography, and remodeling his home.