Coretelligent Kaseya RMM – Proactive Security Hardening Updates

****Final Update 7/19/2021****

Coretelligent has re-enabled all external customer admin access this morning. Our engineering team is pleased to report that we are now 100% recovered and no further actions are needed at this time. We will continue to monitor the VSA environment over the coming days/weeks, and will also provide any additional postmortem information shared by Kaseya.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all measures we put in place were strictly precautionary in nature. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Friday Afternoon Update 7/16/2021****

Coretelligent engineering teams have been working around the clock, and we are pleased to announce all client workstations are now reactivated (ahead of schedule). At this time, we are planning to reconvene our engineer teams Monday morning and begin the process of re-enabling client access. We will send out messaging VIA email and here on our blog once all is complete on Monday.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Thursday Evening Update 7/15/2021****

We are pleased to announce that we will have full restoration of Kaseya VSA services to normal operations on Monday, 7/19 by 10am EST. This will include scoped client admin access for any technical resources.

At this time, all customer servers are back online with full monitoring, remote access, and automation capability for our teams as we previously communicated. In addition, regularly scheduled maintenance activities (patching, reboots, etc.) will resume based on existing schedules within the system.

For the remainder of today and Friday, we are bringing all remaining client workstation agents back online in a staggered fashion. We expect these to be fully online by close of business on Friday, 7/16, but we want to allow the weekend for the system to fully catch up and process all these agents as they have been offline for an extended period of time.

As a follow-up to the completion of our Kaseya VSA service restoration, we will be publishing a full breakdown of this incident from our CTO, Christopher Messer, here on our blog. We thank you for your patience during this time. The security and integrity of our customers continues to be the number one priority for our team. We feel that we have evaluated and implemented all reasonable controls to keep both our VSA platform as well as our customer environments secure.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Wednesday Evening Update 7/14/2021****

At this time we have brought all Coretelligent internal devices (servers & workstations) and all customer servers back online in Kaseya VSA and are monitoring overnight. Tomorrow we will begin bringing customer workstations back online, with our estimated goal of full-service restoration by Monday, 7/19.

At the moment, all access to Kaseya is restricted to Coretelligent employees on our local network(s) only. Global external access and customer admin logins to Kaseya remain disabled at this time. We plan to enable these items as the final step in the service restoration process.

We will continue to update you as we have additional information available via email and here on our Blog.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact us via 1-855-841-5888.

 

****Wednesday Afternoon Update 7/14/2021****

Coretelligent successfully applied the Kaseya VSA patch and all necessary config & security recommendations to our servers yesterday afternoon. We are continuing to slowly bring server agents online to minimize the performance impact. Workstations will be brought online after all critical servers are restored & tested. We are continuing to monitor security and performance metrics and will provide an update at end of day today.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Tuesday Evening Update 7/13/2021****

Coretelligent has successfully applied the Kaseya VSA patch to our servers this afternoon. We are now finalizing security lockdown efforts and service testing and validation with our internal servers before bringing services and external access online for customers.

We are continuing these efforts into the evening and will provide another update Wednesday morning on the overall restoration and testing status.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Tuesday Morning Update 7/13/2021****

Coretelligent engineering teams met this morning and reviewed Kaseya’s on-premise VSA patch details and general feedback & status to date. We have not heard of any major reported issues with the patch, and have commenced our Kaseya patching and restoration efforts. We expect this to run all day and will keep you informed in our evening update.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Monday Evening Update 7/12/2021****

The Kaseya VSA SaaS platform has been brought back online successfully and has been operational since Sunday. There was unplanned maintenance was performed across the entire Kaseya SaaS farm today, between 12:00 PM to 2:00 PM. With a large number of users coming back online in a short window, they were made aware of some performance issues. Kaseya made some configuration changes to address the issues during this downtime and needed to restart the servers for these to take effect and improve performance. The unplanned maintenance across the VSA SaaS infrastructure has been completed and all instances are now live.

Coretelligent engineering teams met this afternoon and reviewed the on-premise VSA patch details and general feedback & status to date. We have not heard of any major reported issues with the patch, however, we are opting to wait overnight to see if any additional feedback comes in from other Kaseya VSA customers that have applied the patch in their environment.

At this time, we are planning to reconvene our engineer teams at 10 AM EST on Tuesday (tomorrow), and barring any reported issues, will begin patching and configuration efforts to bring our VSA server back online. We expect this will be a phased process, and to avoid performance issues, we will bring individual clients & endpoints back online in a staggered manner. In addition, we will not enable client admin access until we have finished testing and validating the new security measures.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Monday Morning Update 7/12/2021****

Kaseya released the patch to VSA On-Premises customers and began deploying to their VSA SaaS Infrastructure before yesterday’s 4:00 PM target. The restoration of services is now complete, with 100% of their SaaS customers live as of 3:30 AM US EDT. Kaseya’s support teams continue to work with VSA On-Premises customers who have requested assistance with the patch. Coretelligent will be reviewing the patch status later today and then releasing our own timeline for restoration.

Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Sunday Morning Update 7/11/2021****

Coretelligent’s internal team has reviewed Kaseya’s startup runbook and security recommendations, and are ready for the patch release, which is still slated for Today at 4 PM EDT. As stated in earlier communications, Coretelligent will be reviewing the patch upon release, but will not be applying it immediately. We will wait 24 hours at minimum to ensure things are stable & fully validated before beginning to restore our VSA server infrastructure on either Monday or Tuesday.

Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Saturday Evening Update 7/10/2021****

Coretelligent’s internal team has reviewed Kaseya’s startup runbook and security recommendations, and are ready for the patch release, which is still slated for Sunday, July 11th at 4 PM EDT. Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Saturday Morning Update 7/10/2021****

Kaseya remains on track to release the VSA On-Premises Patch and begin deployment to their VSA SaaS Infrastructure on Sunday, July 11th at 4 PM EDT.

As previously communicated, spammers are using the news about the Kaseya Incident to send out fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments. Spammers may also be making phone calls claiming to be a Kaseya Partner reaching out to help. To be clear, Kaseya IS NOT having any partners reach out – DO NOT respond to any phone calls claiming to be a Kaseya Partner.

Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Friday Evening Update 7/9/2021****

As previously communicated, spammers are using the news about the Kaseya Incident to send out fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments. Spammers may also be making phone calls claiming to be a Kaseya Partner reaching out to help. To be clear, Kaseya IS NOT having any partners reach out – DO NOT respond to any phone calls claiming to be a Kaseya Partner.

Kaseya will be providing a video update from their Executive Vice President, Mike Sanders, later this evening with an update on the incident, their response, and release planned for this Sunday at 4PM US EDT. In the meantime, Coretelligent has run the Kaseya Compromise Detection Tool against our VSA servers and they came back clean as expected. We are ready for the upcoming patch release and return to production operations next week. Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Friday Morning Update 7/9/2021****

Please continue to be assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Unfortunately, Kaseya is reporting a number of spammers targeting the public with fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments. Do not click on any links or download any attachments in emails claiming to be a Kaseya advisory coming from outlets you are not already familiar with. Official updates from Kaseya will no longer include attachments or links.

Kaseya has also released VSA On-Premise Hardening and Practice Guide as well as runbooks for the upcoming release. As communicated previously, the On-Premises Patch will be available and Kaseya will start the deployment to their VSA SaaS Infrastructure Sunday, July 11th at 4 PM EDT. Coretelligent will be reviewing the patch upon release, but will not be applying it immediately. We will wait 24 hours at minimum to ensure things are stable & fully validated before beginning to restore our VSA server infrastructure on either Monday or Tuesday.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Thursday Evening Update 7/8/2021****

Kaseya has announced the On-Premises Patch will be available and they will start the deployment to their VSA SaaS Infrastructure Sunday, July 11th at 4 PM EDT. Coretelligent will be reviewing the patch upon release, but will not be applying it immediately. We will wait 24 hours at minimum to ensure things are stable & fully validated before beginning to restore our VSA server infrastructure on either Monday or Tuesday.

Kaseya’s CTO will also begin providing technical updates, both written and video later this evening in addition to the regular progress updates we’ve been getting. Please be rest assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and this Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689.

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

Best,
Your Coretelligent Team

 

****Thursday Morning Update 7/8/2021****

Kaseya’s CEO, Fred Voccola, just posted a video update. In the update, he outlines a plan in which Kaseya has opted to hold the patch which will allow them the time to add additional security measures and protections, at the advice of various resources. The new estimated time for the patch release is Sunday afternoon.

Kaseya’s CTO will also begin providing technical updates, both written and video in addition to the regular progress updates we’ve been getting. Coretelligent continues to monitor the ongoing Kaseya situation and will provide regular updates as they become available.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email here, on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689. Kaseya’s CEO also recently released a helpful video that gives a great update as well as an overview of the situation: https://www.youtube.com/watch?v=XfAyutRfy2A

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Wednesday Evening Update 7/7/2021****

Kaseya is currently in the process of resetting the timelines for VSA SaaS and VSA On-Premises deployment. The current situation remains fluid at this point in time. We are awaiting a video update from Kaseya’s President which is said to provide additional clarity on the situation. Coretelligent continues to monitor the ongoing Kaseya situation and will provide regular updates as they become available.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689. Kaseya’s CEO also recently released a helpful video that gives a great update as well as an overview of the situation: https://www.youtube.com/watch?v=XfAyutRfy2A

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Wednesday Afternoon Update 7/7/2021****

Kaseya just announced that all On-Premise customers should expect a runbook of the changes to make to any On-Premises environment by 3 PM US EDT today so customers can prepare for the patch release. Updates will be made to the planned availability of the VSA On-Premises patch by 5 PM US EDT today. During the VSA SaaS deployment, an issue was discovered that has blocked the release. We are resolving the issue that is related to our SaaS infrastructure and we plan on beginning to restoring SaaS services no later than the evening of Thursday, July 8th US time. Please note that these times are however subject to change due to unforeseen circumstances. Coretelligent continues to monitor the ongoing Kaseya situation and will provide regular updates as they become available.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689. Kaseya’s CEO also recently released a helpful video that gives a great update as well as an overview of the situation: https://www.youtube.com/watch?v=XfAyutRfy2A

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Wednesday Morning Update 7/7/2021****

We will continue to push communications around Kaseya as they become available. Most recently, Kaseya has recently announced that an issue was discovered last night as they were trying to deploy the VSA update. This issue has in turn blocked the release. Kaseya’s R&D and Operations teams have worked through the night and will continue to do so until they have unblocked the release, with plans on giving another update on their progress this afternoon. Coretelligent continues to monitor the ongoing Kaseya situation and will provide regular updates as they become available.

We will update you as we have additional information available VIA email and this blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Tuesday Afternoon Update 7/6/2021****

Coretelligent continues to monitor the ongoing Kaseya situation and will provide regular updates as they become available. Recently, Kaseya announced they are aiming to bring SaaS servers online July 6th between 4:00 PM EDT and 7:00 PM EDT. This delay was due to configuration change and enhanced security measures being put in place. They also announced On-Premises patch timeline is 24 hours (or less) from the restoration of SaaS services. They are continuing efforts to shrink this time frame as minimally possible.

It is important to note, once the On-Premises patch is released by Kaseya, Coretelligent will be reviewing and testing internally before applying to our systems, so there will be some additional delay before our services are brought back online.
As part of the overall VSA service restoration effort, Kaseya also announced several security measures to improve overall platform security.

The enhanced security measures that will be brought online are:

  • 24/7 Independent SOC for every VSA with the ability to quarantine and isolate files and entire VSA servers.
  • A complementary CDN with WAF for every VSA (Including on-premise that opt-in and wish to use it – details will be available in a KB later this afternoon).
  • Customers who whitelist IPs will be required to need to whitelist additional IPs.
  • A new KB article on the SOC, CDN, and Whitelisting details will be published later this afternoon and linked to this KB on the Kaseya website.
  • Greatly reduces the attack surface of Kaseya VSA overall.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689. Kaseya’s CEO also recently released a helpful video that gives a great update as well as an overview of the situation: https://www.youtube.com/watch?v=XfAyutRfy2A

Once again, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Monday Afternoon Update 7/5/2021****

Currently, Kaseya is continuing its investigation and testing operations to develop a software patch for this vulnerability. Kaseya has informed us the next status update we receive from then will be between 5pm and 7pm EST tonight. We are continuing to monitor and will provide updates when available.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and here on our Blog. Additional updates via Kaseya can be found here:
https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Sunday Evening Update 7/4/2021****

Currently, Kaseya is continuing its investigation and testing operations to develop a software patch for this vulnerability. We are expecting a patch release at some point tomorrow. Once we have the release from Kaseya, Coretelligent will begin to bring service back online. We are continuing to monitor and will provide updates when available.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and this Blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Sunday Morning Update 7/4/2021****

Currently, Kaseya is continuing their investigation and testing operations to develop a software patch for this vulnerability. We are continuing to monitor and will provide updates when available.

In the interim, customers are protected via endpoint security software (SentinelOne, Webroot, etc.). All major vendors are updated and tracking to block the ransomware and infected files that were used in this attack. This will help provide additional protection and visibility until our Kaseya VSA platform is fully patched and brought back online.

For Coretelligent customers leveraging SentinelOne for endpoint security, they have created a short video demonstrating the SentinelOne agent protecting against the Kaseya attack. You may view the video here: https://assets.sentinelone.com/ransom/Kaseya.

Coretelligent customers leveraging Webroot are also protected, as Webroot has also added the appropriate information into their system to identify and block the elements used in this attack.

Our support team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and this Blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

Best,
Your Coretelligent Team

 

****Saturday Evening Update 7/3/2021****

We are continuing to monitor the ongoing Kaseya situation.

Currently, Kaseya is still performing their investigation and testing operations. Our team continues to be available and is utilizing alternate methods to provide support for end-users. We will update you as we have additional information available VIA email and this blog. Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary. If you have any questions, please contact Coretelligent at 1-855-841-5888.

 

****Saturday Morning Update 7/3/2021****

As you’re already aware per our email notice yesterday, there has been a security issue that has impacted other Managed Services Providers leveraging the Kaseya Remote Monitoring and Management (RMM) platform. Please be rest assured, no one at Coretelligent, nor any Coretelligent customers have been affected by this, but we will continue to monitor and update you on the situation.

The current guidance from Kaseya is to keep servers shutdown and await further instructions on when it will be safe to resume. There will then be a software patch required before normal operations can be restored. Currently, there is no ETA on this patch from Kaseya at the moment.

Coretelligent is continuing to monitor the situation and we will send out twice-daily email updates (AM and PM). We will also post any updates in this blog as they are available.

Additional updates via Kaseya can be found here: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689

A comprehensive update is in progress and will be published later this morning (EDT).   This communication will include prescriptive information on:

  • The external authorities (FBI, Incident Response Experts) that we have engaged and how we are leveraging them for assistance;  
  • How our customers can engage Kaseya for assistance and what we can do to help;  
  • How to determine whether customers have been compromised;  
  • Status updates from R&D on the progress of the patch for on-premises users;  
  • The plan to bring our SaaS and on-premises customers back online;  
  • A detailed description of the Security Incident process and current status;  
  • A schedule for communications updates;  
  • Other important information about the recovery process.    

Ongoing updates will be provided every 3-4 hours or more often based on breaking details.  

Our team continues to be available and is utilizing alternate methods to provide support for end-users. To be clear, Coretelligent, nor any of our customers, have been affected by this security issue, all of these measures are strictly precautionary.

If you have any questions, please contact Coretelligent at: 1-855-841-5888.

by
Hybrid Workplace

How is the New Normal of the Hybrid Workplace a Cybersecurity Challenge?

Hybrid WorkplaceSimilarly to 2020, when many businesses shifted to remote work in response to COVID-19, the hybrid workplace has emerged as the new normal for 2021 as U.S. companies respond to current conditions and plan for the future. And while there are many advantages for both companies and employees, the hybrid workplace has challenges. The biggest is facing two fronts on the cybersecurity battlefield.

Protecting an organization from cyberattacks is tough enough without having the added responsibility of protecting an organization’s network and data both on- and off-site. The hybrid work environment requires IT to protect a multitude of devices and computing settings with an ever-expanding mix of tools and platforms to protect access to networks and data from bad actors.

Hybrid Environment Vulnerabilities

The hybrid model is a logistical challenge and potentially opens more access points for cyberattacks through vulnerabilities from unsecured home networks, outdated home Internet of Things devices, and the use of unprotected personal devices. And that’s not to mention that workers may be switching between a remote work environment and on-site, carrying comprised corporate devices from their home networks to work environments and back again.

The new normal of the hybrid workplace comes on the heels of an increase in cybercrime during the height of the pandemic. In 2020, the FBI received almost 800,000 cybercrime complaints, representing a 69% increase over the year before. And 2021 has seen some very high-profile attacks. As a result, experts and law enforcement are calling for business leaders to re-examine their cybersecurity posture to make sure their organizations are protected.

“Remote employees are seen as an easy target by cybercriminals, complicating the new hybrid workplace, shares Chris Messer, Chief Technology Officer at Coretelligent. “Businesses should remain vigilant to cybersecurity threats and focus on strengthening their cybersecurity protocols with an eye on both on-site and remote access. As most breaches are caused by human error, focusing on end-user training, and creating a culture of cybersecurity awareness could significantly improve outcomes.”

The solutions for hybrid cybersecurity are not static or one-size-fits-all. A completely remote workforce can be segmented to protect networks, but the hybrid workforce is much more difficult to defend. The security policies and security practices from IT need to be proactive and flexible to meet this challenge.

5 Recommendations for Managing Cybersecurity Risks in the New Hybrid Work Model

  1. Strengthen Remote User/Device Security

To safeguard your network, your IT team needs to protect each user and every device with multi-layered protection—no matter where those users and devices are located. These layers of protection should include components like device management, a Virtual Private Network (VPN), enterprise-level web filtering, spam filtering, and more. The CoreArmor platform unifies essential security technologies into a single cohesive platform, providing protection across the entire environment, whether employees are on-site or working remotely.

  1. Update. Update. Update.

Regularly updating VPNs, corporate network infrastructure, software, applications, and devices with the latest software patches and security configurations can help plug holes that cybercriminals can use to gain access to your systems. Cybersecurity protection is not a fixed function but requires constant maintenance to address potential vulnerabilities.

  1. Access and ID Verification

If your organization is not already utilizing access controls and identity-management tools, both are simple solutions that can make a significant impact. The experts at Coretelligent recommend employing strengthened user verification controls, like multifactor authentication. Additionally, access control limits and manages which users can run, open, view, or edit systems and data.

  1. Culture of Awareness

With most threats being introduced through email, users must understand their shared responsibility in protecting an organization’s systems and data. Therefore, end-user security training and promoting good cybersecurity hygiene are critical components of the hybrid workplace’s cybersecurity response.

  1. Real-time Monitoring

The hybrid environment necessitates real-time monitoring of networks. Real-time monitoring allows your organization’s IT team or managed service provider to prevent, detect, and respond to threats immediately to protect your assets.

Hybrid Workplace

At this early stage, it is difficult to say whether the hybrid workplace will be a lasting change or whether if it is only a temporary response to current events.  What you can count on is that the professionals at Coretelligent are available to help your organization with a wide range of IT solutions. If you have questions about configuring hybrid work solutions for your company, reach out by calling 855-841-5888 or email  info@coretelligent.com to schedule your complimentary initial consultation.

by

5 Cybersecurity Terms You Have Come Across But Might Not Know

Cybersecurity TermsAs you read or listen to the news about the increase in cybercrime—or as you evaluate your organization’s cybersecurity posture–you may come across some unfamiliar terminology. While you do not have to become a cybersecurity expert, having at least a basic knowledge of cybersecurity terms can be an advantage in today’s cybersecurity ecosystem.

Read on to learn more about some of the cybersecurity terms that you have likely come across.

5 Cybersecurity Terms You Should Know

1.Blockchain is the technology that makes digital currencies like Bitcoin possible. Blockchain is a continuous record of cryptographically encrypted transactions that are duplicated and distributed across a network. Individual records are referred to as blocks, and when combined, they form a chain. Each transaction is timestamped, which allows those with access to confirm individual transactions. First created in 2008, blockchain technology can be used for other applications where a secure ledger of transactions is required.

The creation of blockchain and the emergence of cryptocurrencies has spurred an increase in ransomware. Since blockchain technology is exceptionally secure, cryptocurrencies make it easier for cybercriminals to evade law enforcement.

2. Domain Spoofing is a form of phishing in which cybercriminals impersonate a legitimate source to gain access to a secure system. The criminals employ false domains that appear legitimate to trick users into divulging details to allow hackers to access a secure network. FINRA recently shared a warning about bad actors sending out emails with fake domains that look legitimate but were not.

3. Data Exfiltration is the illicit transfer of data from within an organization’s systems to an external location. This transfer can be completed via hacking, phishing, other social engineering tactics, malware, or even a USB device. Frequently, organizations never even become aware that sensitive data has been exposed or later learn due to ransomware or other cyberattacks.

Cybercriminals are increasingly using data exfiltration as a tactic to pressure victims into complying with ransom demands by threatening to publicly release sensitive data, like proprietary information or confidential client data. Even enterprises with a robust data backup and recovery system could feel pressured to pay to keep sensitive data from being made public. The best defense is to not become a victim in the first place by implementing a strong cybersecurity posture.

4. Pen Test, or penetration testing, is a cybersecurity evaluation method performed by cybersecurity professionals to determine the effectiveness of an organization’s cybersecurity protections. A pen test is an advanced form of security assessment that looks for flaws very much in the same way that hackers do, but with the expressed purpose of strengthening an organization’s network. Coretelligent offers penetration testing as a service to clients utilizing CoreArmor.

5. RaaS, or Ransomware as a Service, is a business model in which a criminal group creates and leases malware to other cybercriminals who then use it to hack a victim organization’s data, encrypt that data and demand a ransom. The ransomers pay for the use of the malware, just like a legitimate business might pay for a subscription to use Salesforce, Microsoft, or Amazon Web Services.

About Coretellligent

Led by world-class technology experts, Coretelligent offers best-in-class services covering a full range of technology needs: 360 Support, Unified Cloud Management, CoreBDR, and CoreArmor. Top-tier organizations in the financial services, life sciences, technology, legal, and professional services sectors rely on Coretelligent to maximize their technology return on investment.

by

Boost Your Enterprise Capacity with a Better Understanding of Cloud Computing Environments

Cloud Computing Environments

We have all heard the phrase “it’s in the cloud.” And you might be wondering where is the cloud, but the more appropriate question is how does the cloud work. Some think that the significance of cloud computing is the off-site storage of data and infrastructure. However, the most defining characteristic of cloud computing environments is not where your data and computing power live but how it is accessed.

With cloud computing, data can be found both on- and off-site—the key is how that data is accessed. With traditional computing, data needed to live on your hard drive, but cloud computing allows data to be stored anywhere because it is available to you via the internet. In short, cloud computing is defined as the on-demand access to data and computing power via the internet.

The Different Cloud Computing Environments

 The different deployment models within cloud computing environments can help us better understand the versatility and power of this approach to computing.

Public CloudPublic Cloud  

A public cloud is an open model that provides the most versatility for organizations looking for cloud computing and storage. With this approach, a cloud provider offers storage space and infrastructure to many clients accessible via the internet. The provider houses these resources, and maintaining those resources falls to them and not the individual clients. This model is cost-effective and easily scalable for small- to medium-sized organizations with lower privacy and regulatory requirements. Microsoft Azure is an example of a public cloud.

Private CloudPrivate Cloud  

In contrast to the public cloud, a private cloud is controlled and maintained by one organization on a private network. The infrastructure can be housed on-site or off-site utilizing colocation services, but maintenance and security are the responsibility of the business itself. While there are higher capital and operational costs with this model, it is more suitable for businesses with tighter data security and regulatory requirements. CoreCloud is Coretelligent’s private cloud service and provides organizations with more control and a higher level of support.

Hybrid CloudHybrid Cloud 

As the name implies, this approach utilizes both private and public cloud computing. It is a customizable approach that allows for more flexibility and recognizes that IT solutions are not one-size-fits-all. The main advantage of this approach is to reap the benefits of the lower costs and scalability of public cloud computing but still utilize the private cloud for data and infrastructure that requires more control and security.

Choosing the Best Cloud Environment for Your Organization

Coretelligent offers Unified Cloud Management, which means we work with clients to develop a roadmap and customized cloud solutions to optimize performance and cost—whether you need public, private, or hybrid solutions. We are the experts, so you don’t have to be.

Reach out to learn more about public, private, and hybrid cloud options.

 

by
Phishing Alert

Phishing Scam Targets Brokerages with Fake FINRA Credentials

Phishing ScamThe Financial Industry Regulatory Authority (FINRA) recently notified members of a phishing operation in which fake emails are sent to FINRA member firms that appear to be legitimate emails from the regulatory agency. The emails are being sent from the domain “@gateway-finra.org,” which is not affiliated with FINRA. The scheme threatens penalties if the recipients do not click the “view request” link and submit the requested information.

FINRA is a government-authorized not-for-profit organization that oversees U.S. broker-dealers and is supervised by the U.S. Securities and Exchange Commission (SEC).

The FINRA alert recommends that any user who receives the email delete it and not click on the link request. Any individual who does click the link should immediately notify the appropriate unit in their firm.

Phishing Examaple

The phishing email sent out to FINRA members.

The alert also advises that members review the FINRA Report on Cybersecurity Practices – 2018, which includes a number of suggestions to avoid falling prey to these kinds of attack, including regularly training employees to recognize phishing attempts and implementing email scanning and filtering to monitor and block attempts, among other recommendations.

This alert is the latest notice FINRA has released notifying members of a phishing scam targeting brokerage firms. The last warning was in March 2021, and the one before that was posted in November 2020.

Phishing consists of unsolicited emails, text messages, and telephone calls allegedly from a legitimate source requesting personal, financial, or login credentials. According to the FBI’s Internet Crime Report, phishing was the most common type of cybercrime in 2020, with over 241,342 incidents reported.

Coretelligent offers a free toolkit for organizations to utilize as basic internal training for your employees. The toolkit includes examples of phishing emails, a PowerPoint deck for introductory training sessions, and pro tips to help your employees spot phishing attempts.

Coretelligent’s CoreArmor cybersecurity solution also provides best-in-class phishing testing, comprehensive end-user cybersecurity training, and 24x7x365 intrusion detection monitoring and response, among other benefits.

by
Double Encryption Ransomware

How is Double Encryption Ransomware Making Double the Trouble for Businesses?

Double Encryption RansomwareIn 2020 ransomware victims paid over $350 million in ransom to cybercriminals—a 311% increase over the prior year—according to a 2021 report from the Ransomware Task Force. And the tactics used by the attackers are ever-evolving, designed to make their attempts more successful and profitable.

While not necessarily new, double encryption ransomware is one tactic that has seen an increase. Previous attempts usually involved cybercriminal groups combining forces for a coordinated attack on an organization. However, this time around, the strategy is different.

What is Double Encryption Ransomware

Double encryption is a variant of double extortion. Many double extortion attempts involve a ransom demand to unlock data, followed by a threat to release sensitive data unless an organization pays a second ransom. The key in both double encryption and double extortion is that there are two distinct ransom attempts.

Recent months have brought about an increase in double encryption ransomware attacks. These attacks have centered around two models.

    1. In the first, a criminal group encrypts an organization’s data and extracts a ransom only for the victim to discover that a different type of malware also encrypts their data. Sometimes, the victim is aware of both encryptions; other times, targets are notified only after paying the ransom for the first encryption.
    2. With the second model, criminals encrypt half of an organization’s data with one type of malware and the remaining data with another malware program. Again, sometimes victims are aware of both encryptions up front; in other cases, they only become aware after paying the first ransom.

A helpful analogy might be thieves returning to the same house because the initial robbery was fruitful, and access to the home was easy enough.

When faced with a ransomware demand, it might be tempting to pay it. Yet, there is no guarantee that the attackers will provide the encryption key—or that they are not also planning to spring another encryption on your organization.

Remember, there is no honor amongst thieves, and cybercriminals will use whatever strategy nets them the most profit. That is why law enforcement recommends that victims do not pay ransoms. Acquiescing to the demands of ransomware extortionists only feeds the fire and escalates the threat to us all.

How to Safeguard Your Organization

Cybersecurity experts recommend implementing a secure offsite backup system as the most effective way for your organization to combat ransomware—double encryption attempt or not. No matter what, a cyberattack will be a disruption to your business. Still, a robust backup system will allow your organization to get up and running without relying on cybercriminals to be trustworthy and incomplete or corrupted data from frequently faulty de-encryption methods. A secure backup system also provides the option for your organization to choose not to comply with the ransom demands, which is, again, the recommended response according to law enforcement.

In considering or evaluating an existing backup system, make sure to utilize the best practices for backup systems:

    • Implement and regularly test your organization’s backup system. Backups are only as effective as your ability to restore from them. A reliable backup system should not be “set it and forget it.”
    • Backups should be securely stored and not accessible via your organization’s network to safeguard them from cybercriminals.
    • Prepare a contingency and restoration plan that can be put into action if the worst happens.

Backup and Disaster Recovery Solution

Coretelligent is a leader in backup and disaster recovery. Our CoreBDR solution provides high-performance, highly secure data protection to maintain business continuity, no matter the source of the data loss—whether natural disaster, accident, or cybercrime.  CoreBDR protects all types of data: including massive, complex, and rapidly growing data sets with unprecedented recovery times, scalability, and security.

To learn more about CoreBDR and our other cybersecurity solutions, reach out to our experts online or call 855.841.5888.

by
First Ransomware

Fast Fact Friday: First Ransomware Attack

Fast Fact Friday

The History of Ransomware

Did you know that the first known ransomware attack took place over 30 years ago, in 1989? A Harvard-taught evolutionary biologist named Joseph Popp, widely recognized as the creator of ransomware, created a malware program and sent it out on floppy disks to over 20,000 individuals on a conference mailing list. While malware already existed, the addition of extortion was new. When inserted, the disk would lock up the computer, and a demand to send $189 to a P.O. Box appeared on the screen.

It is unclear if anyone sent the ransom or not, but the malware itself was apparently simple to work around. “While the conception is ingenious and extremely devious, the actual programming is quite untidy,” Virus Bulletin, a journal for IT professionals, wrote about the program. Still, with over 20,000 disks sent out, some individuals were unable to recover their data. The motives behind the attack remain unclear as the attempt was not financially successful—especially considering the cost of mailing 20,000 floppy disks worldwide.

The Current Landscape

Since this initial incident, cybercriminals have grown more successful in their attempts at digital extortion. For example, in a recent attack, one U.S. insurance company paid out $40 million to gain back access to their networks and data. That is a far cry from the first ransomware demand of $189.

While in its infancy, ransomware was low risk for most computer users and low reward for most cybercriminals, but the threat of ransomware has increased and grown to become highly profitable for criminals. The pandemic further exacerbated the ransomware problem. Acting Deputy Attorney General John Carlin said 2020 was the “worst year” to date for ransomware. Furthermore, considering the vulnerability of the nation’s infrastructure and the potential damage to critical industries–like financial services and healthcare—this growth in ransomware has prompted law enforcement and government officials to prioritize it as a risk. To that end, the U.S. Justice Department has formed a task force to address the problem of ransomware, discover its root causes, and act as a disrupter to cybercriminals and their networks.

The Future

Even with the latest emphasis on combatting cybercrime, ransomware will continue to be a severe risk for the unforeseeable future. Mitigate your organization’s risk by partnering with an MSP that offers cybersecurity, regulatory compliance, and backup and disaster recovery expertise. Coretelligent’s white-glove IT service includes solutions that provide the protection your organization needs.  CoreArmor is a comprehensive cybersecurity solution that can keep you in compliance with the latest regulatory requirements. CoreBDR is our backup and disaster recovery solution that will help get you up and running should the worst happen.

by
Cybersecurity and Ransomware

Think About IT: The Ransomware Problem

Cybersecurity and Ransomware

The Ransomware Problem

The recent headlines around the Colonial Gas Pipeline ransomware attack are yet another canary in the coalmine broadcasting the importance of routinely assessing your organization’s security readiness. Estimates put the total paid out to the hacking group behind this attack at around $90 million before they were shut down. As long as organizations remain susceptible to these attacks and, more importantly, keep paying the attackers, this threat will continue.

There were over 304 million ransomware attacks in 2020. Not all of them resulted in the attackers successfully extorting money from victims, but according to Coveware, a ransomware remediation service, the average ransomware payment grew to over $220,000 in the fourth quarter of last year. 

Ransomware consistently ranks as one of the largest and fastest-growing security threats, with a massive 62% spike in attacks in 2020 compared to the year before, according to data in SonicWall’s 2021 Cyber Threat Report. The report also highlights how the impact of a global pandemic and record-high cryptocurrency prices combined into a perfect cyber-storm driving ransomware attacks to new heights–and that storm is showing no signs of easing.

The Cost of Ransomware

The cost of ransomware is not only limited to the amount of the attempted extortion, but hidden costs can further drain resources from a targeted business. For example, a recent report from Carbonite + Webroot reveals that 46% of ransomware targets indicated that their clients were also affected, which could have long-lasting impacts on the financial stability of all involved. Additionally, and most terrifyingly, the report discloses that 17% of victims could not recover their data after paying the ransom, which would be a catastrophic consequence for most organizations.

While these statistics are sobering and should be taken extremely seriously, there are measures that your organization can undertake to protect itself.

Defense As a Culture Shift

Effective protection against ransomware and similar threats requires a multi-layered approach, commonly referred to as defense in depth. With this tactic, numerous levels of security products and services are interwoven to create a robust barrier designed to thwart attacks. In addition, it should be noted that a dedicated cybersecurity insurance policy, with appropriate provisions and coverage to protect against ransomware and other security events, is also a necessity moving forward.

Whether it has been in the past or not, a strong cybersecurity posture should be a leading driver of not only your organization’s IT infrastructure but across your enterprise. Cybersecurity readiness needs to be valued at every level and by each team member. Cyber attackers understand that an organization is only as strong as its weakest link, and they will exploit any gaps or vulnerabilities that might exist.

Gone are the days when the function of cybersecurity is the sole responsibility of the IT team. Securing an organization from cyber threats is a team sport and requires education, awareness, and participation from all. No employee would think of leaving the front door wide open for thieves without locking up for the night. That same concept needs to be translated to less tangible assets as well. It might be a culture shift, but the change is necessary to secure an organization’s continued success. 

When asked, “Who is responsible for cybersecurity in our organization?” 

Every employee should answer, “ME!”

How Protected Is Your Organization?

To assess your vulnerability to ransomware and other cyber-attacks, consider the following questions.
    • What is the current cybersecurity posture for your organization?  
    • How prepared is your organization to protect against ransomware or other security incidents?  
    • If you were hit by ransomware, how quickly could you recover?
    • Are you and your staff trained and aware of your incident response plan to respond to a security event?
Based on your answers to these questions, here are a few key topics and questions to help you examine and assess your cybersecurity readiness.

Cybersecurity Education and Training

Does your organization have the following education and training opportunities in place? 
    • Ongoing education and training for all employees
    • Social engineering, phishing, and other testing for employees
    • Tabletop exercises and simulations

Security Policies and Procedures

Do you have established cybersecurity policies and procedures, and are employees aware of them?
    • How do users report a suspected security incident?
    • Do users have a mechanism to report suspicious emails and other items to IT?

IT Policy and Technical Controls

What is your organizational practice for the following? 
    • Policies (DR/BCP, Incident Response, AUP, etc.)
    • Device Lifecycle Management (MDM, MAM, etc.)
    • Authentication policy (Password Policy, SSO, MFA, etc.)

Vulnerability Management

What would you do if your organization experienced exposure?
    • How do you track/scan for vulnerabilities in your IT environment today?
    • What is your patching/maintenance cadence to remediate vulnerabilities found?
    • Are all your assets identified and accounted for?

 Comprehensive Cybersecurity Protection

Mitigate your potential exposure to ransomware by utilizing an MSP with expertise in cybersecurity. Coretelligent’s CoreArmor solution unifies key security technologies into a single cohesive platform to provide expert monitoring and response across the entire environment—from critical infrastructure, servers, and endpoints, to cloud applications and services. As a result, your organization will not need to deploy and manage multiple vendors or products to effectively detect and prioritize the latest threats that put your business at risk.

Reach out to Coretelligent today and let our experts assist with mapping out and enhancing your cybersecurity posture to ensure your organization stays out of the ransomware spotlight.

About Chris

Chris Messer, Chief Technology Officer at CoretelligentAs Chief Technology Officer, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development.

Click here to learn more about Chris.

by

Think About IT: The Case for Cloud Backup

Thoughts from Coretelligent’s Chief Technology Officer,
Chris Messer

Whether your organization depends on Salesforce, Microsoft 365, or another cloud platform, cloud services help us collaborate and connect, regardless of our location, to remain productive and complete work assignments. This has been a tremendous boon over the past year as organizations have grappled with the COVID-19 Pandemic and post-Pandemic logistics.

As employees are interacting with cloud data and services, there are limitations to the control we have over the service and data.

Some failure scenarios that can be challenging to recover from may include:

  • An employee inadvertently deleting a large subset of their email data
  • A third-party app connected to Salesforce deleting all your customer records
  • A former employee’s account deleted without transferring their data to a new owner or location

The “3-2-1 Rule” has the basic premise that data should be stored and backed up on-premises, in the cloud, and in remote locations, so that a corruption of one data store will leave two separate data stores available for restoration. While the traditional interpretation of the “3-2-1 Rule” says there should be two local and one remote copy of data, in a cloud-centric world, multiple copies in multiple clouds can suffice to provide appropriate data protection.

Vendor Validation and Due Diligence

As with any vendor selection exercise, cloud vendors require the same level of diligence and auditing. Before committing to any cloud-based service or data storage platform, be sure to audit the vendor and understand what level of backup, data protection, and disaster recovery options they provide.

This will ensure that you have a clear understanding of any shared responsibilities and what additional protections your organization may want to put in place to supplement protections or capabilities the vendor may provide. To learn more about the vendor due diligence process, download our guide here.

Microsoft Cloud and Backup Protections

With the growing popularity of the Microsoft cloud stack over the past few years, and with accelerated adoption coming from the pandemic and remote work operations, many organizations may fall into the trap of thinking that Microsoft has their data completely protected.

Unfortunately, moving to the cloud does not mean that someone else now has responsibility for your data. Microsoft 365 customers are still responsible for their own data, just as if they were managing their own on-premises email and collaboration solutions.

Microsoft does backup data, but their protection is part of a shared-responsibility model. That is:

  • They have physical security in their data centers
  • They offer data storage replication and redundancy
  • The core tenets of their security approach include guarantees of uptime and privacy controls

To learn more about Microsoft’s and other providers’ shared responsibility models, download our guide here.

Microsoft will protect you from natural disasters that affect their data centers, hardware, or software failures on their part, power outages, operating system errors, and more. But if an end-user mistakenly deletes a critical file, then what?

Microsoft Exchange, their email service product, may also experience disrupted service availability. Details on how Microsoft backs up your email can be found here.

A helpful illustration of this shared responsibility model is below, courtesy of Veeam. Veeam software powers the CoreBDR backup platform offered by Coretelligent.

You will need your own data protection solutions in addition to any that are provided by Microsoft. Again, it is not that Microsoft does not provide some level of data protection, but your data is extremely valuable, and you need to ensure that it is protected from any and all potential deletions or undesirable modifications. Data protection can be on-premises and/or in the cloud, but it needs to be managed separately from the 365 infrastructure to ensure the highest level of protection.

Third-party backup solutions are a great way to protect against accidental or malicious file deletion, other user errors, ransomware, and data corruption. These solutions store backups independently from Microsoft servers and enable granular restores of your emails, files, folders, and more.

Ultimately, you are responsible to protect your data from human error (due to malicious activity or innocuous accidents), misconfigured workflows, hackers, and viruses. Backing up your users and data is truly your responsibility and if you are not proactive about that, any help you get from Microsoft in times of crisis is minimal at best.

Coretelligent’s Solution

Coretelligent’s CoreBDR service is a fully managed, cloud-based data protection and disaster recovery solution. Your data will be safe with fast and efficient, cloud-based backups and data encryption to protect at the source. It is essential for your small- to mid-sized business to invest in backup solutions to be prepared for any inevitable or impending disaster.

Our team of experts has over a decade of experience providing backup solutions. Protect your data and enhance business processes with Coretelligent’s support. Schedule your complimentary, initial consultation today before getting started.

by

The Future of Your Cloud Strategy – Hybrid Cloud or Multi Cloud?

Cloud models have evolved over time as more organizations have shown interest, and it has been predicted that in 2021, the cloud infrastructure market will grow 35%. More organizations have been considering if one cloud environment is enough for their requirements while also trying to determine what is best to optimize their environments.

At a high level, some prevalent architectures include hybrid cloud, multi cloud, or some combination of the two, with their differences and advantages outlined below:

What is a Hybrid Cloud Environment?

Hybrid cloud combines on-premises infrastructure with private cloud and/or public cloud. These environments promise enhanced scalability while maintaining security and control.

Hybrid Cloud Advantages

Many organizations choose hybrid cloud models due to their business imperatives, such as:

  • Meeting strict regulatory or data sovereignty requirements
  • Getting the most out of on-premises technology investments
  • Addressing performance requirements

Investing in hybrid cloud environments can provide greater flexibility, more deployment options, and value. The added control within hybrid cloud allows organizations to only pay for what is used and the abilities to migrate their assets overtime. Organizations can phase workloads to public cloud where the public environment can be home to certain workloads while sensitive data can be housed in separate, private datacenters.

What is a Multi Cloud Environment?

Multi clouds are built up of multiple public cloud environments from different providers (i.e. Microsoft Azure, Amazon Web Services (AWS), or Google Cloud). An example multi cloud environment is an organization running compute and networking activities in AWS and using database services from Microsoft Azure.

Multi Cloud Advantages

Organizations may be more interested in multi cloud to receive best-of-breed services, to prevent vendor lock-in, or to take advantage of lower, variable costs. The major public cloud providers on the market all offer several competing services, in addition to non-overlapping services including storage limitations and cost-effectiveness, and organizations may benefit from analyzing their strengths and weaknesses to garner the best outcomes. Cost-effectiveness is also considered when thinking about vendor lock-in because it can become costly and time-consuming to switch and move systems elsewhere when necessary.

What Strategy Makes Sense?

Over the past few years, hybrid and multi cloud services have been the preferred choices for organizations. There are factors to consider when determining which cloud strategy is best, including:

  • Strengths and weaknesses of third-party vendors or cloud providers
  • Current workloads, databases, networks, and storage demands
  • Location of resources and servers
  • Regulatory compliance requirements
  • Constraints some businesses are subject to

Not all organizations will benefit from the same cloud approach; an optimal strategy might combine both hybrid and multi clouds. According to Gartner, cloud is one of the fastest growing segments of IT spend. With this said, organizations might accidentally build out multi clouds or hybrid clouds that are unnecessary; it is important to be mindful of complexity sprawl and reevaluate what your cloud architecture looks like on a regular basis. As needed, your organization may benefit from implementing organizational controls to gate how cloud vendors are approved and added to your existing infrastructure.

With greater spend comes greater responsibility, and it is essential for your organization to optimize or clearly define your cloud strategy. If your current cloud strategy is lacking or non-existent, contact the Coretelligent Team to discuss options that will provide high rewards for daily business operations.

The Coretelligent Difference

Coretelligent has cloud solutions designed for your organization whether you need private, public, or hybrid cloud hosting. Our agnostic cloud approach will meet your business continuity goals with solutions powered by strong enterprise partners. Coretelligent’s experts have over a decade of experience providing cloud solutions to highly regulated industries. Our major differentiator is our strategic services resources who can offer expert guidance and design a roadmap for your organization to successfully migrate to the cloud based on storage, compliance, and operational requirements.

Keep your data safe, resilient, and easily accessible with Coretelligent’s unified cloud management. Schedule your complimentary, initial consultation today to get started.

by