Published OnDecember 25, 2020Despite the best efforts of IT organizations to educate employees about how to protect their home laptops and other endpoint devices against cyberattacks and equipment failures, the reality is that many people think the systems they use are likely protected automatically, which is not always the case.
Work from home and security don't have to be a contradiction, but they often are.
Despite the best efforts of IT organizations to educate employees about how to protect their home laptops and other endpoint devices against cyberattacks and equipment failures, the reality is that many people think the systems they use are likely protected automatically, which is not always the case.
This work from home security deficit has become a particular pain point during the COVID-19 pandemic as millions of knowledge workers have set up home offices with IT guiding them from afar. Basic practices such as updating antivirus definitions or even using antivirus software may inadvertently be overlooked. Meanwhile, ransomware attacks spiked over 47 percent YOY in 2020 and have remained high ever since.
Perhaps the greatest threat to endpoint work from home security, though, is overconfidence. For example, Microsoft 365 applications (formerly called Microsoft Office) are a business staple and include many useful features to protect data. Microsoft 365 maintains version histories to prevent users against inadvertent changes that overwrite important information. Microsoft's OneDrive, which is used by more than 200 million customers, automatically synchronizes files to the cloud in the background. What could go wrong?
Synchronization Isn't Backup
Many people may not know that, although versioning is a convenient feature, Microsoft never intended it to work on all file types. That means the feature may or may not work with files that weren't created with Microsoft 365 applications. Furthermore, if the filename and location change, as often happens in a ransomware attack, finding and retrieving an earlier version can be like searching for a needle in a haystack.
OneDrive is an excellent service and a great value. It was developed for people who travel frequently or use multiple devices to access the same files. It replicates new files and changes to existing files instantly to the cloud, making them available to other connected devices. OneDrive is also a great way to share files with others.
However, even Microsoft will tell you that OneDrive is not a replacement for backup protection. In fact, the Microsoft Services Agreement recommends using a third-party backup service for that purpose.
File synchronization and continuous backup are not the same things. For example, if you delete a file from the recycle bin on your computer the synchronized version also disappears from OneDrive. And while file synchronization is convenient for day-to-day purposes, it can be a problem in a ransomware scenario.
Ransomware typically encrypts and renames files on the local device. If OneDrive is running, those corrupted files will be instantly synchronized to the cloud, making it all but impossible to recover them. This isn't a bug but a feature because OneDrive was designed to make files portable, not to be a work from home security service.
How Backup Is Different
For all these reasons, it's important that remote employees not rely on Microsoft 365's native features as an alternative to backup. There are several key differences.
One is that cloud backup provides for continuous real-time replication; it copies data at the byte level to an exact duplicate image in the cloud as it is created, rather than whenever a file is saved as is the case with OneDrive. If a failure occurs, processing can cut over to use the cloud data stored via backup and replication processes.
Purpose-built backup services are designed to optimize business continuity and create a Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for all the protected systems. The objective is to get the business up and running as quickly as possible after a failure or attack.
OneDrive and alternatives like Box and Dropbox are very good at what they do. Just don't expect them to do more than what their creators intended like backup and recovery and protection against ransomware. To learn more about how you can protect laptops and endpoint devices, including Microsoft 365, check out Iron Mountain’s full suite of data protection services.