The recent Hafnium hack, exploiting weaknesses in Microsoft Exchange server, demonstrates the difficulties of securing on-prem IT.
The hack in itself was a serious breach, allowing hackers to steal entire mailboxes. But the damage went much further: as the original group of hackers became aware a security patch would be issued, they stepped up the volume of their attacks. They began targeting any Exchange Server they could find and leaving behind web shells that will make it easy for others to get into those networks even after the patch for the original hack has been applied. Security firm ESET estimates that at least ten hacking groups are now exploiting this vulnerability, on thousands of servers spread across more than a hundred countries.
If you’re running on-prem Microsoft Exchange, what should you do? Moving to cloud-based productivity suites like Google Workspace can lower both the risk of your systems being breached and the management overhead of keeping them secure.
With cloud-based systems, you benefit from:
1. Immediate patching
Cloud providers will apply patches for security issues as soon as fixes become available. There’s no delay while you wait for the right person to be available to handle it; changes will be deployed in minutes across all your servers, without the risk of misconfiguration; and there’s no need to worry about downtime while you apply the patch. Meanwhile, your in-house team is freed to spend time on activities that add value to your business operations and users, rather than on routine server and application management.
2. Industry-leading security expertise
Cloud providers can afford to employ large, dedicated security teams who are entirely focused on monitoring for suspicious activity, responding to threats and performing routine security evaluations and audits. For example, Google employs more than 700 security and privacy professionals, who include some of the world’s foremost experts in information, application and network security. They’re also likely to be applying a much wider range of commercial and proprietary tools to identify, escalate and respond to threats as quickly as possible than would be possible with an in-house team.
3. Effective access controls
Cloud providers have developed access controls that are designed from the ground up to handle multi-tenant infrastructures, rather than simply bolted on to solutions designed for a single organisation. Google Workspace access controls, for example, are based on a zero-trust model that takes account of information about a device, its state, the associated user and the context, giving you confidence that access will be granted only if its a legitimate request from one of your users.
4. Highly secure infrastructure
Google uses the principle of defence in depth to create an IT infrastructure that is more secure and easier to manage that technologies used by traditional on-prem hosts. This includes: a layered approach to physical security; custom hardware and software designed to minimise opportunities for attack; and a global network that limits the opportunities for your network traffic to be attacked while in transit.
5. Wide-ranging malware and data loss protection
Google provides a range of online services that analyse files, URLs and emails to identify potentially malicious content. These solutions block more than 99.9% of threats from reaching Gmail inboxes; allow new URL click-time warnings for phishing and malware links to be generated on the fly, so users can browse safely; warn users if it looks like they may unintentionally be sending an email to the wrong person; and allow users to control what others do with the data they share.
6. Comprehensive admin tools
Cloud providers like Google empower your organisation to improve security and compliance through powerful web-based admin tools that are easy to use. For Google Workspace, the Admin Console gives you full control to configure your infrastructure, applications and system integrations in a single dashboard. In addition, the Google Workspace Security Centre provides advanced security analytics, actionable insights and best practice recommendations all in one place. Finally, endpoint management helps you control data on user devices, including personal devices.
If worrying about security flaws in your on-prem productivity tools is keeping you awake at night, Google Workspace can help you make them a thing of the past sooner than you’d think. Here at Ancoris, we’ve helped hundreds of clients of all sizes move quickly and smoothly away from on-prem deployments of Microsoft Exchange and other productivity suites. For example, we were able to help Irish telecoms provider eir move all of its 3500 users to Google Workspace in a matter of weeks, at a rate of 200-300 users a day.
Frank O’Mahony, Internal Helpdesk Supervisor at eir, says, “What’s impressed me is the expertise and knowledge of the Ancoris team. They’ve obviously done these migrations or changeovers to Google Workspace many times before, so that’s a big plus. Their training and trainers are very good — both onsite and web trainers —and their tutorials and guides are excellent. The Google stuff is good anyway, but Ancoris put it together in a nice package so it was a fast turnaround for me. I don't have to go and research it all myself. In the 20 years I’ve worked in IT, they are certainly the best all-rounder —for technical backup and technical support — I’ve come across.”
If you’re worried about the security of your on-prem productivity tools, you can find out more about how moving to the cloud with Google Workspace will make your operations more secure by downloading Google’s Google Workspace security whitepaper. Or come and talk to the experts in our Google Workspace team.