Cyber criminals are increasingly turning to ransomware as a form of blackmail to exploit public and private enterprises. It’s estimated that the cost of ransomware attacks will total over $1bn this year – and researchers warn that the problem is only going to grow. Hackers are not only increasingly sophisticated, but also getting bolder in their approach and so the most insidious computer crime today doesn’t involve viruses or stealing credit card numbers but comes in the form of ransomware. These rogue programs have the ability to hold an entire organisation’s data hostage with unbreakable encryption, while the cybercriminals demand a ransom for the decryption key.
These attacks are becoming increasingly common. In the past few months alone, new and more powerful ransomware has appeared, with criminals targeting sensitive entities such as NHS hospitals and local councils. In fact, almost 30 NHS trusts admit that they have been the victims of ransomware attacks in the past 12 months, while 30% of UK councils were victims of ransomware in 2015.
The reasons for ransomware flourishing are two-fold.
Firstly, basic economics. Stealing credit card details and selling them on the black market can be time-consuming with a potential payoff of less than a dollar per card, so cybercriminals are turning to ransomware to sit back and wait for victims to pay up. Less work for greater returns!
Secondly, ransomware is very difficult to avoid. A single click within an email or website is all it takes for an unsuspecting employee to activate the code that encrypts an entire system and triggers a ransom demand. Even if an enterprise has the most updated anti-virus software or access restrictions on sensitive files, it remains vulnerable to ransomware via just one unsuspecting user.
However, all is not lost. Organisations can take steps to mitigate the effects of attacks and recover normal operations in minutes or hours – if the proper precautions and recovery plans are in place. The most important recovery element is real-time protection of data, which means backup copies of all files and data are stored securely off-site rather than on local servers. In order for this to be effective, it needs to be accomplished automatically, whereby a copy is made every time a file is edited or saved. Backups like this let a business “roll back” to the moments before a ransomware attack and recover all its files – even in cases where the ransomware has migrated across the local network and servers.
To do this, the software or service a business uses to create the backup must be capable of excluding all encryption files known to be associated with ransomware. Businesses need to avoid restoring the files that delivered the ransomware in the first place.
Last but not least, businesses need an effective retention policy – whether that is to retain deleted files forever or for a specified time period. Establishing a retention policy will allow the business to retrieve the original files after the ransomware attack. This is an integral part of any recovery plan as it removes the need for costly recovery processes, which are often time-consuming, meaning the business can be up and running again with the least disruption to the operation.
In today’s technological age cybercriminals are an unfortunate reality. Businesses therefore should think ‘not if, but when we are attacked’ and take all the necessary precautions to ensure that the attack causes the least amount of damage to the business. By being aware and maintaining the right backup strategy, your company can minimise the damage from these attacks and turn the tables on this latest generation of attacks.
Read original theCsuite.co.uk article written by Brian W. Levine, Syncplicity Security Officer here.
If you have not opened the latest issue of CIOReview Magazine, then let us tell you first! We were recognized by CIOReview as one of the “20 Most Promising Compliance Solution Providers of 2016”. It’s an annual listing by CIOReview of 20 companies that are on the forefront of providing compliance solutions and impacting the marketplace.
“Syncplicity’s role in modernizing legacy infrastructure to keep data safe and compliant is noteworthy. The company offers users an easy to use file sharing and collaboration solution with complete control of their data while fully adhering to compliance requirements.”
To read the full article on Syncplicity “Bolstering Secure Frameworks for File Sharing” click here.
To learn how we can help your organization kickstart IT infrastructure modernization to reduce costs and empower your digital workplace, please email us at email@example.com
Most of us have been to tradeshows and fallen for the free giveaways. Those little trinkets look so alluring under the lights and in the excitement of the show. One year I recall bartering with another vendor for one of their selfie sticks, thinking that is kind of cool, but in reality I don’t take selfies – so it sits around in its unused glory taking up space. And, it’s cheaply made. How many times have I brought stuff home just to be thrown away or collect dust?
The #truthis I don’t pick up any stuff anymore, or almost never.
For our upcoming show Gartner ITExpo in Barcelona the marketing team came up with a new idea. We decided to select a charity and for every person who gets scanned at our booth we will donate 2 Euros to an important cause. The cause chosen for the Gartner ITExpo in Barcelona is Solar Aid, an International charity that combats poverty and climate change by providing access to solar lights in some of the most remote regions of Africa.
If you are headed to Barcelona stop by our booth to get scanned, get a “I donated to Solar Aid through Syncplicity” sticker and support an organization that is doing great work #ADifferentKindofSharing!
Just Five Scans
Just 5 Scans at our booth will result in 3 Solar Lights, 13 People Reached, £435 Saved by Families, 3018 Extra hours of child study time, 3.2 tonnes of CO2 emissions everted and 6 people experiencing better health.
Visit the Syncplicity Booth (#403) and participate in a Different Kind of Sharing.
In a recent Enterprise Strategy Group (ESG) research study, they found that 98% of IT and security professionals were extremely concerned with having technologies in place to ensure policies are applied to the sharing of sensitive data. Our newest product enhancement, affiliate sharing, does just that. Affiliate sharing extends sharing and collaboration capabilities to include a trusted network of specific partners and customers, in essence helping enterprises build their digital ecosystem of trust.
IT often blocks external sharing due to the perceived security risks, but their digital workers are looking for ways to share large files and folders with partners and customers, even if that means using consumer (shadow IT) file sharing tools. Our latest product enhancement gives digital workers a secure and seamless way to share files and folders within their digital ecosystem, building a ‘trusted network’, while maintain the level of security control required by IT.
“External sharing is critical to Texas A&M University, and Syncplicity’s new controls give me confidence that my teams can share files and folders securely among our trusted group of organizations,” said Danny Miller, CISO System Chief Information Security Officer at Texas A&M University. “In today’s digital world, the firewall is no longer the boundary for data and information sharing. These new Syncplicity enhancements enable us to lock down sharing within a trusted group of affiliated organizations, helping us stay compliant and secure – maintaining central control while enabling easy end-user collaboration.”
Affiliate Sharing offers a comprehensive set of controls that allow you to:
To start building your digital ecosystem of trust, checkout the new additions to Syncplicity’s group-based policies and security controls, or to learn more about these and other security features contact your Syncplicity Customer Success Manager.
The pace of today’s collaborative work often requires editing files that are shared among multiple people. But collaborating with others in real-time can create problems. Does someone else have the document open right now? Will my changes get overwritten? Am I looking at the latest version?
There have been several approaches to this problem, including real-time editing within a browser. But the vast majority of Enterprise documents are created and edited in desktop versions of Microsoft Office applications. These applications are the gold standard, and present in nearly every office environment worldwide. So Syncplicity set out to address the real-time viewing and editing problem directly at the source.
The Syncplicity App Tab is a collaboration feature that works with desktop versions of Microsoft Word, Excel and PowerPoint, from Office 2007 through Office 2016 (included with Office 365). The App Tab was introduced in the Syncplicity desktop client version 4.1.0 for Windows. In future releases we will bring the feature to Mac and mobile clients as well.
When you use Microsoft Word, Excel or PowerPoint to open a file inside a shared folder, the Syncplicity App Tab displays. The App Tab helps you avoid accidental file conflicts when collaborating on shared files, with visible notifications when a file’s status changes. Popup notifications display directly inside Microsoft Office when other people view a file that you are also viewing, when someone else starts editing that file, or when a newer version of that file becomes available.
Get an entertaining and in-depth tour of the new App Tab in just over 7 minutes by watching our Syncplicity App Tab Video Guide. Amaze your friends! We also created a written guide to Using the Syncplicity App Tab, if reading is more your thing.
Enjoy collaborating with the Syncplicity App Tab, and send us feedback!
To say ransomware is a growing threat is an understatement. With multiple public warnings from US and European law enforcement, a growing tally of high-profile incidents, and new guidance on HIPAA breach notifications, business leaders across industries are justifiably nervous. While there is no foolproof way to prevent an attack, there are measures you can put in place today to better defend against this new and very destructive type of malware. Additionally, when an attack does slip through the defenses, a quick recovery is possible if you have a solid remediation plan in place.
As the saying goes, ‘an ounce of prevention is worth a pound of cure’. With that adage in mind, here are a few practical guidelines you and your organization should implement today, to get the maximum ransomware prevention and recovery mileage from Syncplicity. Be sure to check out the links below for detailed instructions to implement these tips.
Back-Up Files in Real-Time
While there is no single solution for preventing ransomware attacks, a consistent recommendation from experts across the industry is ‘Backup, Backup, Backup’. For most enterprise users (and consumers), that’s easier said than done. It’s a behavior that often requires extra manual steps and backup jobs that usually never complete. However, with Syncplicity, continuous backup is easy and seamless. Files and folders are backed up automatically in real-time, meaning you start syncing all your folders just once and move on, eliminating worries about data loss.
Utilize Multi-Folder Sync
Our unique EFSS feature, Multi-Folder Sync, allows users to back up every folder on their desktop automatically. The design of this features allows users and admins to sync all files and folders in place without moving them to a “magic folder.” In the unfortunate event your company or a user is breached by ransomware, they have back-ups of every file in every folder on Syncplicity, not just the few files they remembered to copy to the single “magic” sync folder of other EFSS solutions.
We recommend that you educate your users to sync all their critical files and folders, including Desktop and My Documents. As an administrator, you also have the ability to proactively specify the sync of any desktop folders to ensure that your corporate users are safe.
Establish an Enterprise Retention Policy
The most common ransomware variants attack by deleting files and replacing them with renamed encrypted versions, or by retaining filenames and encrypting the contents in place. In both cases, Syncplicity retention policies will enable you to ensure the files can be recovered.
The Syncplicity deleted files retention policy allows you to retain deleted files forever or for a specified time period, so that your original files can be retrieved after they are deleted by ransomware. Administrators should also review your file versions retention policy which controls how long prior versions of a file are saved after they have been edited or overwritten.
Exclude Risky File Types
To contain and stop the spread of an attack, administrators can block problem file types from syncing. Syncplicity File Type Exclusion Policy gives you the ability to preemptively block known crypto document types, for example those with the .locky and .crypt filename extension, and also block potentially malicious executables such as .vbs, .scr, and .exe.
Eliminate or Reduce Email Attachments
Ransomware often enters a system via email when a user unknowingly sets it loose within the organization by opening an infected attachment. One way to reduce your organization’s risk is to train employees to use Syncplicity to share links to files rather than opening documents directly from their email clients. The Syncplicity Outlook Add-In automatically transforms email attachments to links or users can copy a Syncplicity shared link into the body of an email message.
Establish a Recovery Plan
The restoration process after a ransomware attack can be time consuming and costly resulting in significant business impact. The attackers are betting that you’ll pay the ransom to get business moving again. However, with Syncplicity, the most critical component of your remediation strategy, recovery of the locked files, is covered.
With your retention policies and multi-folder sync now in place, users can restore files to prior unlocked versions and restore deleted files using the Syncplicity interface.
Enterprises that have been hit with system-wide breaches impacting multiple users and thousands of files should contact Syncplicity for assistance.
As the ROI continues to be attractive for attackers, it will likely be some-time before the current wave of ransomware attacks subsides. By following industry guidance and the strategies outlined above you can avoid being the next victim in the headlines.
April 2016 has been an exciting month for the privacy community! Legislators in Europe up-voted the General Data Protection Regulation (GDPR), down-voted EU-US Privacy Shield and wait for it… Syncplicity quietly launched European Cloud Storage!
Syncplicity is excited to announce the general availability of European (EU) Cloud Storage. This enables Syncplicity users to choose the physical location of their cloud file storage to meet regional privacy and data sovereignty concerns. With a single-click, customers define their preferred cloud storage region and enterprise admins can configure multiple storage locations for their global user-base.
Data Sovereignty has become increasingly important amidst the wake of Safe Harbor, and companies need cloud solutions that enable them to maintain the highest levels of visibility and control over their data. While data regulators have rejected the EU-US Privacy Shield agreement, global enterprises must ensure they remain in compliance with regional privacy laws, protect employee personal information, and preserve the confidentiality of valuable corporate intellectual property.
Syncplicity enterprise customers have always had a choice for their storage region with hybrid cloud StorageVaults, and our new EU Cloud Storage option provides additional capability to scale quickly and meet global information governance requirements.
A First for the EFSS Market
Syncplicity’s model is unique in providing a ‘single pane of glass’ end-user experience, while providing maximum visibility and control for IT to choose the right storage location, based on national sovereignty, data sensitivity, and other business logic.
Within a single enterprise account, admins can define multiple storage policies for their global deployments, leveraging on-premises storage, private cloud, and Syncplicity’s cloud storage within a single seamless user experience. Folders and files can be securely shared globally, while maintaining control of where the data is stored and who owns the content.
End-users are able to access data in multiple storage locations and access shares from multiple companies, with a single log-in. Similar offerings in the market require end-users to create multiple unique accounts for each storage location, which results in account sprawl, a broken user-experience, and a nightmare for IT governance.
In contrast to Syncplicity, cloud-only EFSS providers do not offer the flexibility to use private cloud, public cloud, and on-premises storage within a single account - with popular cloud-only solutions, enterprises are forced to move all of their data to a multi-tenant public cloud for storage and processing, which opens potential for data leakage and breach of confidentiality.
Enabling Global and Mid-size enterprises to adopt the cloud
Syncplicity’s data governance model is especially appealing to large enterprises with business operations and employees located around the globe. Mid-sized enterprises that do not have the resources to manage a hybrid cloud are excited to have a regional cloud storage layer that allows them to rapidly deploy and scale.
While model clauses and binding corporate rules provide the legal framework for meeting European Data Privacy Regulations, Syncplicity’s Hybrid Cloud and EU Cloud Storage provides customers the highest level of control over the physical and logical security of their data.
The feature is generally available and included with Personal, Business, and Enterprise Edition. Additional details on how to configure EU Cloud Storage for your account are available here.
While we have consistently led the EFSS market in offering true security and privacy controls, we are excited to add EU Cloud Storage as the latest component in our architecture. Combined with our policy driven hybrid cloud, group-based security policies, integrated rights management, and zero-content-knowledge StorageVault Authentication, EU Cloud Storage is an integral part of a multi-layered approach to data governance, privacy, and security.
In the coming months we have many more exciting enhancements on our security roadmap and I look forward to keeping you updated!
Visit Syncplicity in Booth #159, Hall C
We invite you to attend our EMC World speaking sessions:
ECS - What’s New & Strategic Roadmap
Breakout Session, with featured customer Siemens
When: Monday, May 2nd, 1:30pm – 2:30pm
Location: Murano 3201a
Add to my calendar
The Future of Enterprise File Sync and Share
Jon Huberman, Syncplicity CEO, and Virtustream
When: Tuesday, May 3rd, 2:00pm – 2:20pm
Location: Virtustream Booth #656
Add to my calendar
Improve data access and stakeholder engagement while dramatically lowering storage costs
Jon Huberman, Syncplicity CEO
When: Wednesday, May 4th, 12:00pm – 12:20pm
Location: Fireside Chat Booth #1128
Add to my calendar
ECS — What’s New & Strategic Roadmap
Breakout Session, with featured customer Siemens
When: Wednesday, May 4th, 3:00pm – 4:00pm
Location: Palazzo L
Add to my calendar
Let’s celebrate – because today is a reminder that you have one less thing to worry about!
With Syncplicity your sync’d folders are backed up in real-time no matter where they are located and that means your files are available on any device – so if your computer or mobile device crashes, or is lost or stolen – you can still access your files from any device and you can sync them onto a new computer.
If you want to learn more about how to ensure your teams are backed-up contact your Customer Success Manager.
Walking around Syncplicity’s office, you hear two words popping up all over the place: transformation and enterprise. They are passed back and forth between gulps of espresso and Red Bull; come alive during heated debates; and stand proudly as pillars of our product roadmap.
We have always developed solutions that integrate at some level with Microsoft solutions. But when we joined Microsoft’s Cloud Storage Partner Program (CSPP) last year, we were presented an opportunity to add a whole new dimension. Fueled by our mission to digitally transform the enterprise, we immediately began work on native integrations that address our enterprise customers’ greatest needs.
We recently announced the first of these new products: A Universal Outlook Add-in for Office 365. There is much more to come this year, beginning with in-use file notifications, which will enhance collaboration on Office files and add capabilities to document creation and workflow editing.
“Our customer base is the enterprise, and our product roadmap is focused on their needs,” said Syncplicity CEO Jon Huberman. “Developing enterprise-grade solutions with a deep level of native integration takes a lot of work and investment. In 2015, we kicked off development efforts to eliminate pain points for Office 365 users and help IT prepare for the adddition of cloud-based Office solutions. Our future development efforts will continue to leverage our Microsoft partnership to make the digital transformation of the enterprise a reality.”
We are passionate about meeting the requirements of our enterprise customers, who have complex infrastructures, yet want to offer cloud and mobile-first experiences to their end-users. By coordinating closely with our enterprise customers, we ensure that our development efforts maintain strict focus on their needs. Partnering directly with Microsoft presents a world of opportunity for new enterprise-grade features and capabilities that will help create the digital workplace of the future, and we intend to take it as far as it can go!