Boards.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more x
Post Reply  
 
Thread Tools Search this Thread
20-07-2019, 20:51   #1
Impetus
Registered User
 
Join Date: Sep 2013
Posts: 1,599
The risk of using cloud services amplified in the Quickbooks hack

Quickbooks cloud services were hit with a ransom attack. As a result probably hundreds of thousands of businesses are without access to invoicing, inventory management etc for the past three days. It raises questions in one’s mind about the quality of their backup systems. Admittedly it is a nightmare problem with thousands of new transactions hitting the system every minute, followed by a random attack, and the need to decide on where to draw the line in terms of ‘clean’ backups and rolling back to a known good point in the storage. And communicating that to a large volume of clients who think they are paying for a resilient system.

The company’s response seems to have been simply to cut prices for new subscribers – eg from USD 29 per month to USD 8.70. Which is little consolation to clients whose businesses have become reliant on this ‘service’.

Software companies are forcing clients to move to the cloud, with monthly or annual payments – instead of selling a software package which can be installed and expected to remain static and reliable – aside from the odd patch for security etc.

https://krebsonsecurity.com/2019/07/...ck/#more-48277

Quickbooks is not alone. Office 365 has been forced on users who previously licensed office as a software application and ran it on their own systems. The cloud based interface changes incrementally every few weeks and there are periods of downtime. As I write this, Office 365 seems to be experiencing a lot of trouble reports in the US:
https://downdetector.ie/status/office-365/map/

The user has lost control over updates and when they should take place, in many environments.

It is high time that software / system providers had the same legal responsibilities as the sellers of tangible assets. With no option to contract out of these liabilities.
Impetus is offline  
Thanks from:
Advertisement
21-07-2019, 19:42   #2
horgan_p
General Dogsbody
 
Join Date: Jan 2007
Posts: 2,309
So here's the thing with cloud computing :

1) It isn't designed to be cheaper than on prem. If it is - hooray, but that doesn't happen often
2) It doesn't absolve you from responsibility - you need backups just as much (if not more than) as your on prem solution.
3) It doesn't get you around GDPR either. It can help tremendously in admin and prepping for to be GDPR compliant, but it isn't a silver bullet.

I've often had conversations with smart people about backing up Office 365, and I nearly always get the 100 yard stare.

If your data is on prem then you know who is the sysadmin. With cloud you don't .

If you want a laugh - go look at what Sage are peddling as their "cloud solution". They are open to having similar issues.
horgan_p is offline  
Thanks from:
22-07-2019, 20:01   #3
Impetus
Registered User
 
Join Date: Sep 2013
Posts: 1,599
Quote:
Originally Posted by horgan_p View Post
So here's the thing with cloud computing :

1) It isn't designed to be cheaper than on prem. If it is - hooray, but that doesn't happen often
2) It doesn't absolve you from responsibility - you need backups just as much (if not more than) as your on prem solution.
3) It doesn't get you around GDPR either. It can help tremendously in admin and prepping for to be GDPR compliant, but it isn't a silver bullet.

I've often had conversations with smart people about backing up Office 365, and I nearly always get the 100 yard stare.

If your data is on prem then you know who is the sysadmin. With cloud you don't .

If you want a laugh - go look at what Sage are peddling as their "cloud solution". They are open to having similar issues.
I totally agree. If you use AWS S3 for example and you keep files in Ireland, you need another backup perhaps in Germany or NL - ideally on another provider (eg Wasabi.com) who provide immutable storage in Amsterdam etc. Immutable can't be erased or encrypted once written. As well as several generations of backup within easy reach, in locations other than a server location.

I backup my office 365 stuff to a number of Samsung SSDs using USB-C connectors - which I find very fast. SSD might not be the best thing for backup - but it is very fast via USB-C. And I find Office 365 so flaky I don't use it to store anything of material value. Just semi-junk that I might need to view on my mobile phone etc.

At least with Amazon one can see where one's files are being stored and select a location. Office 365 is far more vague. And neither Amazon nor Microsoft are based in a neutral country.

It is a bit like the 'British' ship that was arrested by Iran the other day. It is owned by a Swedish company Stena Bulk AB. Sweden is a neutral country. The ship itself is owned via a Cyprus based company - which is not a neutral country. And it flew a GB flag. How dumb can a company get? It reminds me of Bayer AG buying Monsanto a year or so ago. Bayer is now plagued with legal claims coming home to roost from Monsanto's weedkillers, which date from long before the take-over.

With Brexit, most of Ireland's telecommunications capacity goes via 'Five Eyes' countries where it is undoubtedly monitored. The telecommunications industry is extremely dozy in terms of establishing large quantities of direct bandwidth between Ireland and mainland Europe, over routes that do not enter GB water.

Peoples' mobile phones are sending position and other telemetry information either via VOLTE and / or CCITT 7 signalling which is being sent by several 'Irish' mobile phone networks to countries engaged in state terrorism in various parts of the world.
Impetus is offline  
Thanks from:
23-07-2019, 12:24   #4
LoLth
Special
 
LoLth's Avatar
 
Join Date: Feb 1998
Posts: 9,827
nvm. no point.

Last edited by LoLth; 23-07-2019 at 14:12.
LoLth is offline  
Post Reply

Quick Reply
Message:
Remove Text Formatting
Bold
Italic
Underline

Insert Image
Wrap [QUOTE] tags around selected text
 
Decrease Size
Increase Size
Please sign up or log in to join the discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search



Share Tweet