Protect the NHS from Ransomeware attacks with Microsoft Azure

It’s time for the NHS to move forward.

As we know the NHS according to the media is at breaking point with the consistently high patient demands and workloads. With limited funding, it is no surprise that their IT systems typically are very much out of date and lack investment. You only have to look at their buildings to reflect on what type of technology they are running. I couldn’t say that is the case across the board but I’m pretty sure it’s not far from wanting.

It comes to no surprise then that they would be ideal targets for such malicious attacks such as the most recent Ransomeware malware attack.

What is Ransomeware?

“Simply put, it’s a type of malware that gets into a computer or server and encrypts files, making them inaccessible. The goal is to shut down your ability to do normal business. The attacker then demands a ransom for the key to “unlock” your data.” – Microsoft 2017

The severity of such an attack on such a critical part of society is devastating particularly with many patients needing operations and having sensitive data inaccessible throughout the duration of the attack. To have no control over operations is a costly lesson to learn.

So now what? Ransomeware is only one permutation of a malware attack that caused devastating affects on NHS services.  So what’s the lesson here?

PROTECTION!!!!!!!!

There is method to our (IT Professionals) madness when we say it is important to implement a business continuity and disaster recovery (BCDR) strategy. The more sensitive your data is the more attention you need to give to such strategies.

Although it may be safe to say you obviously cannot protect yourself against everything you sure can mitigate the impact of such attacks.

This attack on NHS services is a prime example of why the NHS services should move to the Microsoft Cloud. By moving to the Microsoft Cloud the NHS service(s) can very quickly implement a BCDR strategy as a matter of priority. That way they would very quickly achieve the certainty that their data is protected securely and off site! Azure Products that will facilitate this may include:

  • Azure Backup Service (99 year data retention)
  • Microsoft Azure Recovery Services Agent (99 year data retention)
  • Microsoft Azure Backup Server (Azure offsite 99 year data retention)
  • System Center Data Protection Manager (Azure offsite 99 year data retention)
  • StorSimple

Each one of these Microsoft products above offer their own benefits in addition to being both cost effective and secure. Multiple backup methods can be used or a single method, it depends on your workload although each one ultimately provides sufficient backup strategies for your sensitive data. Choosing the right one involves evaluating the importance of the data which is determined by your business needs. Backup schedules that can be defined by the businesses RPO and RTO per application etc.

Although Disaster Recovery (DR) often features as a tick box for most IT Strategies although rarely tested the businesses who do use it tend to use DR and focus less on Backup as time goes on. The issue here is if your primary site is attacked, as part of DR it too would replicate your current site, rendering your DR site compromised.

I mentioned DR and so far, I haven’t spoken about Azure Site Recovery (ASR). This is Microsoft’s solution to DR. ASR protects your environment by automating the replication of the virtual machines, based on policies that you set and control. What makes it different to traditional methods is that ASR allows you to preserve history in the DR site, which can help reduce the problem posed by compromised disaster recovery.

I don’t want to say i told you so but had the NHS implemented one or more of the backup methods mentioned earlier with ASR they would have been better positioned to recover from disaster quickly and efficiently with minimal effort compared to traditional onprem strategies.

Keeping your systems up to date can be a tedious task for any IT professional but as we see it is necessary to protect yourself from attacks. Another feature of Microsoft Azure that is both quick to deploy and offers great insight into your patch level of machines for both onprem and Azure Virtual machines is Operations Management Suite. I won’t extend on this but it is improving almost weekly on its capabilities. You can identify vulnerable machines and initiate security update installation remotely. More info on OMS here.

Bottom line is NHS update your systems as a point of urgency, leverage the Microsoft Cloud to do so, give yourself the piece of mind that your data is secure, capital expense is reduced based on Azure’s ‘operation model’ and monthly billing based on usage and lastly reap the benefits of operating your technology in the most agile way possible.

Once your services are running in the Microsoft cloud you can leverage even more functionalities available with Microsoft Azure such as Machine Learning, Cognitive Services, Data Lake Store and so much more!  #keepthenhsprotected

Leave a Reply

Your email address will not be published. Required fields are marked *