All Posts By

SynapsysAdmin

Top six technical questions about Acronis Cyber Protect Cloud

By 2020

Nick Keene

2020-05-20

By Nick Keene, Synapsys Presales Engineer

In late March and early April we ran a series of webinars introducing our partners across Africa to Acronis Cyber Protect Cloud in advance of its launch earlier this month. As well as giving an overview of the new cyber protect features and doing a quick demo of the updated dashboard, there was a chance for attendees to ask me questions. I thought these would be useful to share here as well, as they are questions other managed service providers (MSPs) might have.

Acronis Cyber Protect Cloud is a single solution that integrates backup, disaster recovery, AI-based protection against malware and ransomware, remote desktop, and security tools in a single agent. Read about the launch here.

In this post, I’ll cover the top six technical questions attendees asked us during the webinars, and then in two weeks’ time I’ll tackle questions around getting started with offering Acronis Cyber Protect to your customers.

1.Can a tenant be upgraded to Acronis Cyber Protect Cloud without having to reconfigure backups and agents?

Yes, it’s a simple process to upgrade your customers to the new editions. You just toggle a switch in your customers’ settings to upgrade their service.

2.If I run integration services such as WHMCS and I switch to Acronis Cyber Protect Cloud, will I have to reintegrate everything from scratch?

Typically no. You may have to wait for the developer of your integration service to update with the new offerings, however Acronis is dedicated to ensuring seamless and complete integration with its platform.

3.Will the Acronis Cyber Infrastructure scan backups if you use your own storage?

Not immediately on release. But it is an important feature that Acronis wants to roll out as soon as possible. We currently have no information on when this feature is being released.

4.Does the remote desktop protocol (RDP) run on port 3389 and is this a solution for companies that don’t have a VPN?

The Acronis Cyber Protect Cloud RDP connection is tunneled over HTTPS and doesn’t require a VPN or port-forwarding on the customer’s side.

5.Will the Acronis Cyber Protect Cloud RDP log out a current user or mirror the screen?

It will log the user out. The Acronis Cyber Protect Cloud RDP connection uses standard RDP protocols so works similarly to how other RDPs you may have used work.

6.If you only backup a single file, will Acronis Cyber Protect Cloud still protect the system from vulnerabilities, malware and ransomware?

Yes, while the anti-malware protection and vulnerability scanning forms part of the protection plan, they are configured individually and do apply to the entire machine regardless of what is backed up.

I hope that was helpful. Let me know if you have any other questions or would find a follow-up webinar useful.

Remember that Acronis is offering zero-rated usage on the new product until the end of July 2020, so now is a good time to sign up.  Please get in touch to do so: here are our contact details, and we promise we reply to the web chat very quickly during office hours.

Written for publication on the Synapsys website on 20 May 2020

The Extraordinary Endurance of the Phishing Scam

By 2020

2020-05-13 Despite the increased sophistication and industrialisation of cyber crime (ransomware-as-a-service, anyone?), criminals still have a fondness for phishing scams as the entry point for malware attacks. Why? Because they are far easier to do than punching through a corporate firewall, and quite simply, they work.

They work because they use our humanity against us, by tapping into emotions like urgency, anxiety, greed, wanting to be informed, or to do good. And the COVID-19 pandemic has caught us at our most human, and criminals are exploiting these new opportunities for phishing scams to land, as we saw with the rise in pandemic-related ransomware attacks.

We are all confused, anxious, frightened, and facing new working from home conditions with additional demands and uncertainties. We are hungry for information, we are separated from our employers, friends and family, we are worried about finances and we want to help others. Together these magnify the sense of urgency that phishing scams prey on, and our defences are already down because of the strangeness of our lives under lockdown.

So we’re more likely to click on that official looking notification from the government, or our boss, or the bank, or a charity, potentially opening us up to identity theft, or an attack on the corporate networks and systems that we are accessing remotely.

Our partner Acronis recently shared a selection of new phishing scams from around the world:

  • The Trickbot banking trojan campaign targeted Italian email addresses with an email that claimed to offer advice from the World Health Organisation. The email prompted the user to enable Microsoft Word macros that installed a new variant of Trickbot onto the machine.
  • The TrickBot and Emotet trojans have started to add text from COVID-19 news stories to attempt to bypass security software.
  • North Korean hackers were spotted targeting South Korea with phishing attacks at the end of February. The campaigns seemed to target government officials with malware-tainted documents.
  • In the US a phishing campaign claims to come from a delivery company giving an update on its operations. The PDF is in fact an executable file that installs Lokibot malware on the machine and steals sensitive information from the user.

It’s astonishing how fast criminals are to take advantage of a situation. These are just a few examples from around the world. And in South Africa we’ve seen our own variations: notably PerSwaysion, which targets corporate email accounts exploiting Microsoft logins, and is very sophisticated and detail oriented. Other scams include messages claiming to be from banks about cashflow relief, fake purchase orders or payment notifications, and to students and staff of academic institutions that are suddenly all remote.

For daily updates on the latest COVID-19 related risks, see RISKIQ. (We checked the link!)

Of course user education is still the number one defence against phishing attacks:

  • Check the email address
  • Be cautious of poor grammar, spelling and low-resolution images
  • Never share personal information
  • Don’t get sucked in by a sense of urgency
  • Check suspected phishing scams on Phishtank

And this education has to be ongoing: it’s like learning to cross the street at home, and then travelling to another country where suddenly the traffic appears from the other side. The principles stay the same, but circumstances can override our common sense. We’re all human!

We’re also pretty excited about Acronis’ new cyber protection approach which combines data protection with cybersecurity featuring behavioural endpoint anti-malware. This provides a safety net against the most destructive and pervasive types of malware that commonly use email as an attack vector, such as ransomware. So if someone in your organisation does fall for an email scam, coronavirus-themed or not, these defensive measures can save you from days or weeks of costly, business-threatening data loss and downtime.

Let us know if you would like an introduction to one of our MSP partners offering Acronis Cyber Protect and to find out more about Cyber Protection for remote work.

Written for publication on the Synapsys website on 13 May 2020

Tackling Endpoint Security in the Age of Work from Home

By 2020

2020-05-07

By Peter French, Synapsys Managing Director

It was only a few short months ago that I attended the inaugural Acronis Global Cyber Summit in the US, where Acronis CEO, Serguei Beloussov, announced their innovative, unified approach to data protection and cyber security. One of the challenges Acronis Cyber Protect would address, he said, was the increasing complexity in corporate IT ecosystems thanks to the dramatic rise in endpoints. Acronis predicts that by 2030 we’ll have more than 500 billion devices globally, and only 1% of these will be in the core network.

Fast forward a few short months, and due to the COVID-19 pandemic this forecast has started to materialise at an astonishing rate. Almost overnight, around the world, companies have had to transition to remote working operations, with employees accessing corporate networks from a plethora of devices, across a range of broadband connections, with dogs, cats and toddlers playing havoc with work and private devices.

This is the acceleration of a well-established trend: the industry has been actively mobilising workforces for a number of years, and thanks to the cloud and mobility, many people are enabled to work remotely. Logistically, in Cape Town as an example, some companies were prepared for this overnight shift thanks to business resilience plans put in place during the 2018 drought. And the City of Cape Town has repeatedly encouraged businesses to embrace flexible hours and remote working as a way to reduce traffic congestion over the last few years.

Today, the remote work horse has bolted, even for companies that haven’t spent too much time thinking about it, or indeed have actively resisted it. There is almost no technological need for many employees to be in a central location at a set time any more, and some very compelling reasons for them not to be.

Peter French, Synapsys MD

What is an endpoint anyway?

An endpoint is any device that people, or machines in the case of IoT, use to compute. Some endpoints remain within a company network, or move backwards and forwards across a corporate firewall, and today many are remote. These remote endpoints are increasingly a vulnerability risk, because, if unprotected, they offer a doorway into a corporate network.

Now, add the uptick in cyber crime. Today it’s around the COVID-19 pandemic — the Acronis Cyber Protection Operation Centers have detected a spike in malware attacks recently — but at other times this could be due to any large global event or crisis. Combined, you start to see the makings of an infosec nightmare.

Top three things to prioritise when updating your data protection and cyber security — cyber protection — for this new way of working

  1. People first

We all know this one. Even when implementing a technology solution to a technology-driven problem, people need to come first. They are still the weakest security link, and today are anxious, confused, navigating new work habits, and desperate for information, all of which is being exploited by increasingly savvy cyber criminals.

But remember, users aren’t the only people in the equation. The IT team is now stretched, suddenly supporting a remote work organisation while working remotely themselves. New strategies to increase remote endpoint protection need to be simple, scalable and integrated to support the people at the frontline of cyber protection in an organisation.

  1. Acknowledge it’s a balancing act and make the best call for your organisation

Cyber protection is a complex challenge covering data protection and cyber security, and so needs a multi-vector approach to solving it. Acronis has a useful way of summarising these cyber protection vectors: SAPAS.

  1. Safety: Is your data kept safe, and can it be recovered?
  2. Accessibility: Can your people access the information they need, wherever they are and at any time?
  3. Privacy: Do you know who can see and access different types of data?
  4. Authenticity: Are you certain a copy is the exact replica of the original data?
  5. Security: Is all your data, including backups, protected against cyber threats?

A further complexity is that sometimes these vectors shift and work against each other. Like today, IT teams need to work to ensure that data, applications and systems are accessible to their people wherever they are to ensure business continuity. But what does this mean for other vectors such privacy or safety?

  1. Wash your hands: AKA your remote endpoints are your first line of defence

Just as we are all going to get used to sanitising our hands and having our temperature taken before entering hospitals, offices, and practically anywhere to prevent the spread of COVID-19, remote endpoint protection is going to be critical in preventing malware from entering corporate networks and spreading. And here, SAPAS applies too: each organisation is going to need to balance the competing cyber protection vectors on remote endpoint devices to keep their network and people secure. These vectors of protection are close knit, and the structural integrity of an organisation’s cyber protection relies on each vector being present and supporting each other.

Without making any predictions about the length of lockdown and how it will be relaxed, we need to assume we are in it for the long-haul when it comes to this new way of working. And this won’t be reversed, not if you want to hire the best people. Take a quick look through recruitment site, Offerzen’s company listings: hiring companies highlight remote and flexible working as a benefit as often as no dress code and a barista coffee bar. So a small silver lining is that the changes that need to be made today to protect remote endpoints are not a temporary band-aid. In fact, companies are laying the foundation for the next phase of doing business in a post-pandemic world.

Let us know if you would like an introduction to one of our MSP partners offering Acronis Cyber Protect and to find out more about Cyber Protection for remote work.

This article was first published on ITWeb on 6 May 2020

Find out why the Central University of Technology chose Acronis for backup

By 2020

2020-05-01 When Donally Phonene, Enterprise Systems Engineer, joined the Central University of Technology (CUT), he identified the need for a new backup system that was simple to use and manage, cost-effective, and could guarantee rapid full machine recovery. In addition, the new backup service needed to be able to easily support the current environment while providing the opportunity to scale up in the future.

CUT is a tertiary education institution in Bloemfontein, South Africa, offering both classroom-based and distance learning to more than 10,000 students. From an IT infrastructure perspective, and specifically in terms of its backup needs, CUT manages an environment of more than 100 virtual machines running on 15 physical servers. It also has Oracle and SQL databases in production, which added to the cost of the legacy backup system, because add-on licences were required for these databases. Furthermore, strict disaster recovery procedures were already in place and a very specific response time objective (RTO) of four hours was required for full recovery of a physical or virtual machine.

After an evaluation of several backup providers, Phonene selected Acronis Backup for CUT because it is easy to use, easy to administrate, cost effective, and met CUT’s technical requirements. In addition, Acronis Backup was the only solution evaluated that could recover a full image of a machine, regardless of whether the data is on-premise, hosted on remote systems, in private or public clouds, or on mobile devices. AI-based ransomware and crypto-jacking protection, improved backup validation, and blockchain backup authentication through Acronis Notary also make Acronis Backup the most secure and reliable solution on the market today.

Once CUT decided to deploy Acronis Backup, it took a week to completely migrate from the legacy system. This rapid deployment is thanks, in part, to Phonene having previously attended Acronis Certified Engineer training organised by Synapsys.

Phonene said: “The benefits of working with Acronis are very clear: it is easy to use, making it easy to recover VMs or physical machines thereby providing the business continuity that CUT requires.”

“The encryption feature is also particularly valuable and is something we are looking to take advantage of once we complete some hardware upgrades to speed things up.” Interviewed in 2019, Phonene said he was also planning on leveraging the functionality of Acronis Backup by backing up Sharepoint Online.

Read the full case study here.

Note: CUT is an Acronis customer via one of Synapsys’s reseller partners.

Written for publication on the Synapsys website on 1 May 2020

Synapsys, Stay one step ahead Be the ultimate defence against ransomware

Ransomware Roundup – 6 articles looking at recent ransomware activity

By 2020

2020-04-15 As if hospitals around the world didn’t have enough to deal with during the COVID-19 pandemic, in early April Interpol warned healthcare institutions about an increased ransomware threat. It said it had “detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.”

The pandemic is something of a perfect storm for cyber criminals. Targeting tired, overworked healthcare professionals with emails purporting to contain important updates about coronavirus is a particularly nasty and cynical piece of social engineering. And if a ransomware attack takes place, hospitals are put in a situation where lack of access to their data and systems could very literally result in people dying. Not to mention a lack of trust in a time when people need to rely on medical care.

In recent years ransomware attacks have shifted from individuals to public organisations and enterprises. We are seeing the same trend in South Africa, with the high profile attacks on City Power, Johannesburg’s electrical utility, and the City of Johannesburg in 2019, and more recently an attack on the stolen vehicle recovery company, Tracker.

Most recently, Acronis alerted us to new ransomware that has emerged in Europe, called CoronaVirus. Attackers distribute the ransomware through a fake website pretending to promote WiseCleaner, system optimisation software.

Acronis’s existing AI-powered Acronis Active Protection defence, which is included in all its cyber protection solutions, successfully stopped more than 400,000 ransomware attacks last year, preventing an estimated $200 million in damages. And with the launch of Acronis Cyber Protect Cloud this month, combined traditional data protection and classic cyber security services are going to address all five pillars of cyber protection: Safety, Accessibility, Privacy, Authenticity, and Security. This results in a two-pronged approach: use AI to knock down ransomware and other attacks before they have a chance to take root, and if something somehow gets past those defences, recover any compromised data from a recent backup.

Written for publication on the Synapsys website on 15 April 2020

Acronis Cyber Protect – beta users weigh in

By 2020

2020-04-08 Synapsys Presales Engineer Nick Keene, together with two representatives from a USA-based MSP and Czech-based Distributor respectively, recently shared their beta-experience feedback on the upcoming Acronis Cyber Protect Cloud product.

Acronis Cyber Protect Cloud recently moved out of private beta and into public beta, making it available to any service provider or cloud distributor who is interested. This is the final step before the general availability (GA) of the product, scheduled for Q2 of 2020.

As with any new product launch, feedback from beta customers is tremendously important. The participants featured in these case studies each have a unique approach to the IT channel in their respective markets.

About Acronis Cyber Protect Cloud

This unique AI-enhanced solution is designed for service providers and integrates data protection with cybersecurity. This synergy empowers service providers with prevention, detection, response, recovery, and forensic capabilities in an easy and efficient way.

Enriched with next-generation, full-stack anti-malware protection and comprehensive, yet simple, endpoint management tools, it enables service providers to easily make cybersecurity a focal point of their offering.

And because it’s built on top of Acronis’ industry-leading backup and disaster recovery platform, Acronis Cyber Protect Cloud simplifies onboarding, daily operations, and reporting, and combats advanced attacks with new use cases enabled by integration.

Relevance to customers

All three case study participants concluded that Acronis Cyber Protect Cloud will be relevant to their customers and, not surprisingly, each had a unique take on what would resonate with their customers and why.

Synapsys Presales Engineer Nick Keene noted, “A lot of our MSP partners are only doing backup with Acronis, they use other vendors for cybersecurity… we are excited to be able to give them another revenue stream that can make their lives easier when it comes to security management.”

Dennis McKernan, Director of Security at Union Technology Cooperative (UTC) in Middleton, Wisconsin, observed that “If our clients are using the remote access functionality (in Acronis Cyber Protect), they will be signed into the dashboard regularly and can see status updates and alerts about their machines that need a backup or applications that need patching.”

According to Štěpán Bínek, Product & Sales Manager at Zebra Systems in the Czech Republic, “Our MSP partners see a great opportunity for their own growth with Acronis Cyber Protect. They like a single solution the combines backup, anti-malware, and patch management – they can save time and money using one solution in one console. Other features that are resonating include continuous data protection and hard drive health monitoring.”

Market opportunity

All three see a compelling market opportunity for Acronis Cyber Protect Cloud.

For UTC, McKernan said, “There’s a real opportunity to introduce an integrated security product, especially one that offers remote access. Our goal with Acronis Cyber Protect Cloud is to provide this industry-leading protection for existing customers.” Additionally, he noted, “It would be great if we could combine our separate systems (Symantec, Cisco, Panorama 9) into an integrated solution, which is the direction Acronis is heading.”

Zebra Systems’ Binek noted, “We are very aligned to the vision Acronis has for one solution that will cover most parts of cybersecurity, and it makes sense to have one agent to cover all the necessary things that our MSPs and their end customers need to cover. For Zebra and our MSPs, we see Acronis Cyber Protect as a huge opportunity to grow – there is triple-digit growth potential in the next few years here.”

For Synapsys, Keene concluded, “It’s a great product. Having a unified product with a single agent and interface will make a big difference and a big splash in our market. It should be a game-changer.”

Adapted from an  Acronis Blog article published on 30 March 2020

Acronis Cyber Cloud 8.0 now available

By 2020

Acronis Cyber Cloud version 8.0 will deliver advanced full-spectrum cyber protection, thanks to several significant feature enhancements.

“These new features are sure to delight service provider partners worldwide, simplifying their tasks and giving them even greater peace of mind in terms of security,” says Peter French, MD of award-winning local distributor Synapsys. Highlighting in particular the enhancements to the Disaster Recovery service, French anticipates a surge in interest from prospective partners.

Responding to feedback and requests from Acronis managed service provider (MSP) partners worldwide, major improvements have been designed with ease of use, efficiency and security in mind, and include edition-based feature management and licensing for easier upsell, application-aware VM backup on Hyper-V, and the inclusion of advanced features of the Acronis Cyber Backup 12.5 on-premises solution.

A further welcome addition to the feature set is the built-in support for SAP HANA and Oracle Database.

Disaster Recovery highlights

With significant R&D focus directed at the Disaster Recovery component of the platform, Acronis sought to reduce management overhead and improve service-level agreement (SLA) compliance with features, including a new Disaster Recovery section in the management console, a redesigned cloud server management UI, and recovery servers RPO compliance tracking, while the new VPN-less deployment option will make for faster, easier customer onboarding.

Cyber Protection

These new features and capabilities in their service provider platform are in line with Acronis’ strategic vision to merge data protection and cybersecurity into the new discipline of cyber protection and thereby address modern digital protection challenges more holistically.

This article was first published on ITWeb on 21 January 2020

Acronis Unveils Cyber Protection at Recent Summits

By 2020

January, 2020 Two recent Acronis events in Miami and Abu Dhabi in October and November respectively provided the ideal platform for new product announcements and the exposition of a fresh strategic vision for the global cyber protection organisation.

‘Traditional backup is dead’

Explaining why “just backup” is no longer adequate, Acronis founder Serguei Beloussov has on several occasions outlined the need for a multi-pronged approach to solving the rapidly evolving challenges faced by today’s digital world.

Five problem areas transformed

By merging data protection and cyber security into the new discipline of cyber protection, Acronis has strategically positioned itself to target the broader spectrum of challenges located within the acronym SAPAS: Safety, accessibility, privacy, authenticity, security.

These five problem areas, typically tackled with individual solutions from different vendors, have been transformed into the five vectors of cyber protection and form the backbone of Acronis’ new, unified approach.

Integrated solutions

Beloussov’s announcement of three new cyber protection solutions confirms Acronis’ commitment to addressing the fragmentation in the current cyber protection market:

1. Acronis Cyber Protect – integrated backup, disaster recovery, AI-based malware protection, remote assistance and security in one complete, unified and efficient solution.

2. Acronis Cyber Infrastructure – software-defined compute, network and storage united in a single, scalable product.

3. Acronis Cyber Platform – connects ISVs, devs and MSPs to the Acronis community of 50 000 channel partners to facilitate customisation, integration and extension of their applications and services with cyber protection solutions.

An additional indication of Acronis’ focus on integrated cyber protection is the inclusion of the word “Cyber” in existing product names.

Along with its mission to provide comprehensive cyber protection, Acronis sees these new products as offering great market opportunities – and margin – to their partners, and partner interaction on social media during both events indicated overwhelmingly positive responses to the new solutions.

“Service providers and resellers can look forward to not only offering their customers more, but also eliminating the myriad complications and overhead associated with supplying multiple solutions from multiple vendors,” affirms Peter French, MD of award-winning local distributor Synapsys.

First published on ITWeb on 8 January 2020