A 10-point guide to derisking cloud platform migrations


The benefits of migrating data and workloads to the cloud are by now well understood. But cost, complexity and skills are often a barrier. An estimated 72% of global organisations run hybrid environments today, meaning they blend public cloud deployments with private cloud and/or on-premise datacentres. That can add flexibility, but also risk.

Fortunately, help is at hand.

What are the risks of failure?

The public cloud is often seen as a more cost-effective option. But this isn’t always the case. A reasonably priced quote from an MSP may look good on paper and a contract is signed. It’s during the migration or in the early days that performance issues start to occur, and the costs start to ramp.

Additionally, if any one part of the cloud migration piece doesn’t work as intended, it could have a major impact on employee productivity and morale, and even lead to data loss. That could feed quite quickly through to a negative hit on brand reputation and the bottom line. No organisation wants to be forced to fail back workloads after making the strategic decision to go to another cloud platform.

From planning to execution

With that, here are some key things to bear in mind to de-risk any cloud migration strategy.

1. Plan, plan, plan:

It sounds obvious, but successful cloud migration projects begin with thorough planning. It’s not just about a project manager describing what’s going to happen. It’s essential to begin with a clearly defined scope, understanding the workloads that need moving and ensuring they’re going to the right location in the right cloud. The type of workload will dictate where and how migration should happen. Remember: even small changes can have a big impact on end state.

Most critically, any cloud initiative should be aligned with business strategy. That’s why it’s important to start with a tailored assessment of the business and current IT systems, business priorities, future vision and key challenges. From there, the MSP should be able to create a personalised cloud solution that meets the client’s specific needs. QuoStar will create a comprehensive plan that outlines the scope, resource requirements, and project deliverables. This will always include accurate costs and a detailed plan of action.

2. Back-up and integrate:

If it’s a case of migrating from on-premise to a private cloud, this means ensuring the organisation has the right replication tool sets. If it’s about migrating to the public cloud, the organisation will need backup capabilities properly tested through to recovery for the solution that’s being migrated. Consider migrating to a development environment first, and/or moving a small handful of non-key workers’ services. A phased approach like this will help to surface any potential issues early on.

Another potential hurdle relates to core management system applications. If they’re simply “lifted and shifted” to the public cloud, poor integration with other applications may result in reduced operational efficiency and productivity, ultimately increasing cost. Typically, it’s business-critical legacy applications that are best suited to a private cloud but with tight and fast integration into a wider public cloud.

3. Get security right:

Security is still a top-two cloud challenge for businesses, cited by three-quarters (73%) of organisations. Following best practice is essential here, because when migrating data and workloads, teams may unwittingly open up doors into their infrastructure for a prolonged period. It could be a local site that needs to be connected via VPN to cloud workloads in order to transfer data, for example. If that site gets compromised, then the threat actor will have a direct pathway into the cloud environment.

Security solutions often won’t lift-and-shift into the cloud. It’s important to consider what new tooling and approaches may be required. Sometimes it’s simple things that could unwittingly expose cloud infrastructure to threats – right down to the way networking works in the cloud. Consider carefully which assets need to be restricted, and bear in mind that security works differently in private and public cloud.

Having an IT partner with a proven track record in cybersecurity can be extremely useful, as its experts will be trained to monitor for any potential risks or gaps and advise which solutions can prevent breaches. QuoStar is supplier agnostic and understands that some components work well in certain situations but not in others. It’s all about ensuring the right outcome for the business rather than for the supplier. Understanding the organisation’s shared responsibility obligations is also key.

4. Have the right skills to hand:

It goes without saying that any organisation migrating to the public cloud needs to understand what they’re doing. This is sometimes where in-house teams used to tried-and-tested on-premises ways of doing things may hit a barrier. Expert third-party help can sometimes be essential, especially if internal teams are being stretched to the limit by digital transformation initiatives. The right IT partner will guide clients through their entire transformation journey, partnering with internal teams to share knowledge and even grow in-house experience and capabilities.

5. Start from the workloads:

To ensure the proposed cloud solution is the right fit for the organisation, think carefully about the workloads it wants to migrate. If it’s a case of moving on-premises infrastructure to the cloud to run “as is” for resiliency reasons, then private cloud is probably the best option. However, if the organisation wants to transform its infrastructure with platform-as-a-service, then public cloud would be a better pick.

As mentioned, increasingly it is a mix of the two. But exactly what this mix looks like will come down to the type of workloads in-scope. QuoStar will always consider a multi-cloud environment to mitigate risks associated with a single cloud, or just to find the right fit for the workload. With access to Microsoft Azure, Amazon Web Services, Google Cloud and other providers, there’s ample opportunity to find the best fit for each client.

6. Choose the right MSP/IT partner:

For most SMBs, an MSP will be essential to augment in-house skills during cloud migration projects and beyond. It’s important to choose a vendor agnostic partner to ensure they always pick the best solution on the market for a particular client and project. And one that has a tried-and-tested, mature migration process. It also pays to talk to a prospective MSP’s client base proactively rather than reading references handed over by the service provider. Speak to three or four to get a good mix of views.

7. Consider ongoing support:

The cloud landscape continues to evolve at speed. That demands a dedicated team and a proper service representative. Consider MSPs that offer support packages specific to the cloud platform(s) the organisation chooses, to ensure that the cloud service provider’s (CSP’s) best practices are always being followed. Automated tooling will ensure that this is a continuous process, even as those best practices change.

If the organisation is moving to a private cloud and their MSP is fully managing that environment, it pays to check their past 12-24 months of uptime before selecting one. Talking to other clients is the best way of getting an honest answer on this.

8. Regularly review cloud provision:

Organisations will evolve over time, and so must their cloud set-up. Here are some of the tell-tale signs that an audit is required:

  • OpEx is spiralling
  • Performance issues are starting to impact the business
  • The business can’t grow or launch new services

Regular audits are also a good idea from a security perspective, given the constant innovation that happens in the cybercrime underground. It’s an industry worth trillions today, and as new threats emerge, organisations may need to evolve their cloud strategies.

Ensure any audit is completed by a third-party distinct from the MSP, to keep its findings as objective as possible.

9. Consider whether to repatriate data:

Research reveals that 76% of IT leaders plan to repatriate data from the public cloud back on-premises in the next three years. It could be for cost reasons, client demands, or simply to gain more control over their environments – so they’re not beholden to their CSP’s tech roadmap. Many organisations find they prefer dealing with a smaller, specialised MSP that understands their vertical.

If data is being migrated from a public to a private cloud, an MSP could help here too, by managing the underlying hardware up to the OS level. This saves cost and resource, enabling the in-house IT team to focus on higher value tasks. Whatever the final destination of the data, the project should be managed in the same way as before; in a carefully planned, phased approach based around a rigorous assessment of the relevant workloads.

10. Define the Cost

Assess the Costs and Complexity: QuoStar understands how to fully scope the migration, including the costs and skills required. Be aware that other quotes from a Managed Service Provider may not cover all the resources needed, potentially leading to significant cost increases if additional resources are required later down the line, especially with public cloud.

Cloud migration can be fraught with complexity, so getting a partner you can trust is the first step to success. At QuoStar, we’ve been helping clients to transform their business via cloud optimisation for over a decade.

QuoStar Achieves Microsoft Solutions Partner for Digital & App Innovation (Azure)


The world of work is changing at high velocity. And for the large part, it is cloud-powered technology that is driving this change. By one estimate, 73% of organisations have embraced a hybrid strategy. But the path to digital transformation isn’t always clear. Expertise is in short supply and the options are at times overwhelming, as vendor offerings continue to evolve at speed.

That’s why QuoStar is delighted to have been named Microsoft Solutions Partner for Digital & App Innovation (Azure). As your trusted partner, we can ensure you have the right skills, solutions and capabilities to deliver tangible outcomes using advanced technologies within the Microsoft stack.

What this means for your business

Microsoft states that QuoStar achieving the Solutions Partner for Digital & App Innovation (Azure) demonstrates their competence in aiding clients to develop, operate, and oversee applications over various clouds, on-premises, and at the edge, using the clients’ chosen technologies and platforms. This may involve:

  • Migrating and deploying production web application workloads, applying DevOps, and managing app services in Azure
  • Managing production workloads in the cloud using containers and managing hosted Kubernetes environments in Azure
  • Implementing secure DevOps practices and driving DevOps adoption while using Azure and GitHub

Yet it’s all of this and much more. QuoStar prides itself on combining deep technical expertise with close working partnerships, to understand and deliver exactly what our clients need. The Solutions Partner for Digital & App Innovation (Azure) designation proves we can do this for clients via cutting edge app development, but also related competencies like data analytics and cloud-native solutions. It means these clients can trust us to do what’s right for their business in line with industry best practices – whether it’s delivering a GenAI-powered chatbot, or a mobile workforce application to support hybrid working.

This latest designation also completes a trio of Azure solutions partner accreditations for QuoStar, cementing our reputation across app development, infrastructure, data and AI. QuoStar now holds the following Microsoft Solutions Partner designations:

“The business’ commitment to continued investment in our processes and technical ability has delivered us the third and final Azure solution partner designation, proving we are experts in operating across the Azure ecosystem. Our commitment to learning and development will see us release new services and continuously improve our existing offerings,”

– Charlie Thompson-Hill, Head of Presales and DevOps

Facing the future

We’re not stopping at this additional Solutions Partner designation. QuoStar is launching a renewed framework for migrating all workloads to the cloud, focusing on our expertise in transitioning traditional environments, applications, and databases. We understand that migrating to the cloud can be daunting and challenging, but we’re here to support our clients through a controlled ascent, without risk.

Schedule a free discovery call to see how we can drive your digital innovation and achieve your business goals. Enhance your applications with QuoStar's Microsoft Azure expertise.

QuoStar named one of the UK’s fastest-growing companies by The Sunday Times


QuoStar has hit plenty of milestones over the past two decades. But the past few weeks have been particularly special. First, the company was named as one of the top managed service providers (MSPs) in the world by Channel Futures MSP 501. And today, we’re following that up with inclusion on the famed Sunday Times 100 list.

It’s another tremendous accolade, but we’re grounded in our commitment to delivering the best outcomes for our clients, which has been central to our success and will continue to be our touchstone. This recognition reflects the win-win partnerships we’ve cultivated over the years and underscores our dedication to maintaining these standards.

Following in the footsteps

The Sunday Times 100 has been around in some form or another for over a quarter of a century. The league table ranks the top 100 independent, privately owned companies in the country with sales of over £5m that recorded the fastest-growing sales over the past three years. Over the years, it’s played host to some of the UK’s biggest and most important names, including Carphone Warehouse, retailer Boden and chip giant Arm Holdings – which was sold to Softbank for over £20bn.

Richard Tyler, Founding Editor of The Sunday Times 100, explains that it’s increasingly challenging for even fast-growing British companies to make it onto the prestigious list.

“The pace of growth required to secure a place on the league table has shot up this year, so QuoStar should be particularly proud of its achievements in what have remained challenging trading conditions,” he says.

QuoStar CEO, Robert Rutherford, adds his thanks to both the firm’s employees and clients. “This outstanding achievement reflects our performance over the past few years and is a testament to the dedication, effort, values, and skills of our entire team. We always knew we were doing something great – now a major award confirms it,” he says.

Keeping things simple

Today, QuoStar employs over 100 people and serves hundreds of clients across the UK and overseas, from offices in Bournemouth, London and Leeds. Yet despite our continuous growth trajectory over the years, the mission hasn’t changed.

It’s not about chasing growth for growth’s sake. It’s about continuing to do the simple things well. Building solid client relationships. Taking time to understand their unique requirements. And using our decades of in-house IT expertise to deliver exactly what they need to succeed.

These tenets will always be central to the QuoStar way of doing things. We can’t wait to see what the future holds.

QuoStar will join other Sunday Times 100 founders and directors in celebrating at an invitation-only networking dinner on Wednesday, 18th September at The British Museum.

To find out how we can help your business with tailored IT solutions, get in touch today.

QuoStar ranked as one of the world’s top managed service providers 2024


Since its inception in 2005, QuoStar has been on a mission to bring enterprise-grade IT services to businesses of all sizes. Nearly two decades later, its focus on excellence, partnership and client outcomes remains as committed as ever.

Our CSAT scores, averaging at 98%, suggest that our clients approve of what we are doing, and now we have market recognition for this. We are delighted to have been recognised by the Channel Futures MSP 501 as one of the ‘best of the best’ managed service providers (MSPs) in the world. This achievement is a testament to a great deal of hard work and our relentless focus on delivering for our clients.

What’s the MSP 501?

The Channel Futures MSP 501 has been ranking the world’s MSPs for the past 17 years, according to a strict set of criteria. It includes annual revenue, profitability (as measured by EBITDA) and recurring revenue. MSPs also undergo a detailed review by a Channel Futures research team, which further ranks applicants according to long-term financial health, commitment to recurring revenue and operational efficiency.

This year’s list was described by Channel Futures as “one of the most competitive in the survey’s history”, which makes QuoStar’s inclusion doubly gratifying. Those sitting alongside QuoStar on the list generated a combined revenue of nearly $25bn, with average growth of recurring revenue of 19%.

“This recognition underscores our team’s performance, strong partnerships, and our client-focused strategies,” says CEO Robert Rutherford. “This is just the beginning—more well-deserved awards are on the horizon. Thank you to our clients and our team for making this possible. We are excited for 2024 and the years to come as we execute plans, deliver outcomes and maintain quality.”

Delivering time and again

MSP 501 winners are described by Channel Futures as among “the most innovative, driven, and successful MSPs in a fiercely competitive industry”. For QuoStar, being named among the top global MSPs underscores the dedication of our elite team of IT experts, who work so hard to build best-in-class solutions for clients. It’s not about being the biggest, or most successful. It’s about delivering for those clients every single time—to transform and grow their businesses through tailored IT solutions.

Thanks go out to both our clients and our team for helping us achieve this milestone. It won’t be the last. In the meantime, QuoStar will keep doing what we’ve always done. Building great relationships with clients and technology companies. Staying at the cutting edge of technology innovation and delivering service excellence. Even as we continue to grow, this focus will never change.

Contact us today to discover how QuoStar can enhance your business with our comprehensive managed services.


Current Challenges and Opportunities in the Legal Sector: Insights from our legal roundtable

Throughout the year, QuoStar holds roundtable events for the legal sector, where a small group of attendees can get together over a three-course meal to share industry insight and best practice. At the end of April, we held our first event of 2024, with QuoStar CEO, Rob Rutherford joining myself and several Partners, Managing Partners, and Heads of IT from south coast law firms.

It was a fascinating evening of discussion, with a focus on how law firms can best mitigate mounting cybersecurity risk, drive operational efficiency and use tech innovation to gain an advantage.

Law firms in the crosshairs

Cyber risk is fundamentally a strategic business risk today – and one that impacts all legal sector organisations, no matter what their size. Attendees around the table agreed that their company is very much in the crosshairs of threat actors – whether they’re financially motivated cyber-criminals, state-sponsored hackers or even disgruntled current or former employees. Automated tools mean these bad actors can continuously probe for vulnerabilities in public-facing IT infrastructure without breaking sweat.

Their efforts are hitting home. Current data is hard to come by, but the Solicitors Regulation Authority claims that 18 law firms in the UK were hit by ransomware in 2021. Three-quarters (73%) of the firms it visited for a cybersecurity review a year earlier reported cyber-related incidents. Separate data from the Information Commissioner’s Office (ICO) analysed by insurer Chaucer reveals that the number of legal sector data breaches reported to the regulator increased 36% annually to reach 226 in 2022/23.

There are many reasons why law firms are a popular target for attack. They hold sensitive client information, handle large volumes of funds and play a key role in business transactions. The National Cyber Security Centre (NCSC) warns that firms acting for organisations that engage in “controversial” work such as life sciences or energy may also be targeted by hacktivists. The top threats to the sector are phishing, data breaches, ransomware and supply chain compromise, it says.

Time for multi-layered cyber-defence

As digital investment grows in the sector, so does the cyber-attack surface. All attendees recognised the challenge – agreeing that everyone in an organisation needs to play a part in keeping their firm safe. From a strategic perspective we recommend the following:

  • Deploy robust security controls and best practices such as advanced firewalls, multi-factor authentication (MFA), complex passwords, mobile device management, and vulnerability management.
  • Don’t ignore the human factor. Ongoing staff awareness raising and education is key to mitigating the risk of phishing, which is often the starting point for breaches.
  • Put an incident response plan in place today, to enhance business resilience and minimise the impact of a security breach if one occurs. Data cited by the Law Society claims only 35% of law firms have one in place. It’s also important to test this, for example by working through what happens if the firm is affected by ransomware.
  • Consider obtaining a cyber accreditation such as Cyber Essentials Plus and ISO 27001. This won’t stop attacks occurring, but will ensure the organisation is better placed to respond efficiently and mitigate the impact, whilst also reassuring clients. QuoStar can help by undertaking an independent audit to identify any gaps in current security posture, risk management, governance and compliance.

Risk extends to third parties

Law firms increasingly outsource parts of their IT function to third-party suppliers – whether they’re a provider of cloud services (CSP), SaaS applications or managed services (MSP). But these entities in turn can be a target for attack – making it essential that they maintain the same high level of cybersecurity as their client organisations. It is no defence to say that a third party was responsible for a breach. The regulator will generally hold both parties responsible. Nor is this a theoretical risk. A UK-based MSP was hacked last year via an exploited vulnerability and the resulting breach impacted dozens of its legal sector customers for over a month.

Attendees around the table argued that it’s not good enough to assume that larger suppliers are inherently to be trusted. Given what’s at stake, it’s vital to conduct thorough due diligence, and undertake a security audit of any prospective supplier, which QuoStar can help with. Those accredited with Cyber Essentials Plus, ISO 27001 or other standards/frameworks are a good place to start.

Gaining an advantage through AI

Finally, no roundtable discussion on technology would be complete without a conversation about the role AI could play in driving advantage. The IT and business leaders we spoke to are rightly sceptical about many of the claims currently being made by vendors about their products – especially legacy tech vendors they see as jumping on the AI bandwagon.

Most of those around the table understood AI to mean generative AI (GenAI) tools like ChatGPT and Copilot. But in fact, there’s much more to the technology than this. Law firms could utilise:

  • Pure AI, using core algorithms to develop their own AI solutions. One example we heard was a law firm using AI to predict the outcome of litigation cases
  • GenAI: AI that can produce and summarise content including text, video and images
  • Packaged AI: suppliers that have built AI features into their technology and deliver these to law firms, e.g. many suppliers now embed machine learning into their applications

Attendees were unanimous in agreeing that AI will play a major part in the practice of law in the future. But they also argued that headlines claiming it will replace large numbers of lawyers and fundamentally change the way the sector operates have been significantly oversold.

AI will simply be another tool. By all means experiment with it – especially GenAI, which could have some productivity benefits – but don’t feel like the company will be left behind if it does not embrace AI immediately. There are certainly challenges to be managed – not least, biased/inaccurate output, and potential data security and confidentiality risks when inputting information. The best option for many may be to wait for others to make the leap first and then learn from them.


QuoStar is designated a Microsoft Solutions Partner for Data & AI (Azure)


Data sits at the beating heart of any business. How effectively organisations can extract insight and value from it will play a big part in determining their long-term success. It could help to drive more efficient business processes, reduce wastage and enable better-informed, strategic business decisions. Thanks to cloud-powered AI and analytics tools, more organisations than ever have access to potentially transformative, cutting-edge capabilities.

That’s why QuoStar was delighted to be recently designated a Microsoft Solutions Partner for Data & AI, to bolster our existing three Solutions Partner certifications. It means that we now hold all Microsoft Solutions Partner designations for Azure. The announcement is further proof of QuoStar’s expertise in cloud transformation and commitment to empowering clients with the best in Azure data services.

What does it mean?

Being recognised as a Microsoft Solutions Partner for Data & AI reinforces our expertise in Azure data services – enhancing client confidence that their projects are safe in QuoStar’s capable hands. Among other things, partner status denotes a high degree of skill and experience in delivering:

  • Database migration to Azure, or undertaking projects to ensure clients have access to the best Azure offering possible
  • Deployment and guidance on platform-native governance across Azure and inside the managed data
  • Analysis of existing workloads, and extract, transform, load (ETL) operations to migrate data to cloud-based data warehouses and enable cloud-based analytics solutions
  • Ongoing support and optimisation of workloads, helping clients offload performance, cost and reliability concerns
  • Tailored Microsoft analytics solutions using Azure Synapse Analytics, Azure Data Lake, Azure Data Factory and Azure Databricks
  • Client adoption of AI and Azure solutions

From strength to strength

This new Microsoft designation for QuoStar follows similar milestones last year. In May 2023 we announced the Microsoft Solutions Partner for Modern Work designation. It signifies our commitment to helping clients enhance productivity and support the shift to hybrid work using Microsoft 365. Then in June the same year, QuoStar was named a Microsoft Solutions Partner for Infrastructure (Azure) – highlighting our expertise in helping clients migrate their critical infrastructure workloads to Microsoft Azure.

As a Microsoft Solutions Partner, QuoStar will continue to work hand-in-hand with clients to help them optimise their use of data – using the latest Azure-based technologies and in-depth understanding of their business requirements.

To help support these efforts, we’re currently developing a new standardised approach, aligned to Microsoft values, designed to streamline projects and improve outcomes. When complete, it will help by highlighting what methodology a client should follow to better understand how their data is used day-to-day and how they can extract maximum value from it. It will focus on things like data structuring, visibility tooling, governance and cost optimisation alongside AI.

“It is QuoStar’s ongoing investment in its people, process and products that has enabled us to gain this Solutions Partner for Data & AI accreditation. The new skills our people continue to learn, along with QuoStar’s ‘right person, right role’ ethos, will drive the company’s enduring value for our clients.”

– Charlie Thompson-Hill, Head of Presales and DevOps

Are you ready to harness the power of data with QuoStar? Get in touch today for a discovery call and a complimentary assessment to learn how we can help you optimise your data across multiple systems, to drive business growth.

How careful planning can take the pain out of ransomware breach response


There is plenty that organisations can do to enhance their resilience to ransomware breaches. But no preventative strategy can ever be 100% guaranteed to succeed. The modern corporate attack surface is simply too porous and expansive, and threat actors too persistent, for that. That’s why network defenders should also be primed and ready for a worst-case scenario.

As we explained in our previous blog, an attack can strike at any time. And when it does, those in charge are often trapped in a whirlwind of confusion. The key to successfully managing such a situation lies with forward planning.

Planning for a breach

Ransomware is among the most common and acute cyber-threats facing UK businesses. And the threat will continue to grow with the advent of AI, the National Cyber Security Centre (NCSC) recently warned. For smaller businesses its impact can be particularly destructive. A 2022 study revealed that a fifth of US and European businesses had nearly been forced into bankruptcy by a historic attack. Last year one of the UK’s largest privately owned logistics firms entered administration due to “disruption” caused by a ransomware compromise.

Yet it doesn’t need to be this way. It all starts with putting the right team together. Ideally, it should include key representatives from the IT and security function, PR and legal – and possibly also HR and customer service stakeholders. That’s because, when a ransomware attack hits home, it can impact disparate parts of the business.

PR is essential to help organisations manage their external communications strategy. HR should be on hand to manage internal comms and cross-departmental collaboration. And legal will dispense critically important advice on engaging with regulators, managing potential customer/employee class action suits, and more. For most organisations, customer service will also need to be involved to manage the fallout for end customers. If any piece fails, there could be significant financial and reputational repercussions, including customer churn, regulatory fines and lawsuits.

The average cost of a UK data breach is calculated at $4.2m (£3.3m) today. But in some cases, ransomware has caused losses measured in the tens of millions. From a regulatory perspective, organisations need to think not just of data protection watchdog the Information Commissioner’s Office (ICO) but also any relevant industry-specific bodies, like the Financial Conduct Authority (FCA).

Putting the pieces in place

Every organisation is different, and there’s no single agreed format that an incident response team should take. Most important is that everyone has a clearly defined role that they understand, and that they are working under unequivocal instructions from an incident response lead. In many cases, this will be a senior individual from the IT team. Crucially, they need not only experience of working under pressure – and ideally in crisis incident response situations – but must also be given the authority to lead for the duration of an incident. That means even members of the organisation and board senior to that individual must respect their decision making.

The next thing a team needs is a plan. This is where many organisations fall down, by attempting too much. No one can predict how or when a ransomware breach will take place, and what its impact may be on the organisation. But many try, by building out complex incident response plans which will likely be redundant as soon as attackers strike. The key to success is rather to keep things simple and high level. The incident response team will need to improvise, but within their own clearly defined roles. It’s also important to ensure any pre-written plan is accessible in a crisis – ie, not stored on a server that has been encrypted by ransomware.

In a similar way, organisations shouldn’t overthink things by scheduling frequent incident response training exercises. In a typical organisation there are mini incidents occurring all the time which can be used to hone the skills of team members. Once a driver has passed their test, they aren’t forced to sit another one every six to 12 months: simply by being behind the wheel they continue to practise and improve the required skills.

Communicating clearly

Above all, when working through post-ransomware breach response, organisations must foreground the importance of clear communication. That could mean:

  • Communication between incident response team members
  • Communication with the board and senior managers (they should be kept updated at frequent intervals)
  • Communication with the wider community of employees – to ensure they follow policy by limiting what they publish online about an incident, and to maintain morale during what could be a long road to recovery
  • External comms. It’s vital that a senior spokesperson is chosen as part of the incident response team. This individual should be the face of the organisation during the breach response. External comms is critically important to prevent rumour and speculation, especially in the early hours and days following a breach

This is by no means a comprehensive checklist for post-ransomware breach response. But it’s somewhere to start.

For a more detailed briefing on what to expect from a ransomware attack and how to respond, register today for our upcoming reality check webinar: Assessing the real impact of a Ransomware attack.

A whirlwind of confusion: what happens in the first hours of a ransomware attack

What to expect when ransomware actors come knocking

The global economy might still be struggling to get back on track. But the finances of the cybercrime underground are in rude health. Payments from ransomware victims exceeded $1bn last year – a record high. And that’s just for the cryptocurrency wallets forensics analysts were able to track. The real figure is undoubtedly much higher. In this context, all organisations should plan for the day when they too will be compromised by ransomware actors.

Unfortunately, many still do not. And their lack of preparedness is something threat actors thrive on. During the post-breach response period, they will do everything in their power to ramp up victims’ confusion, in order to extract maximum financial returns.

Network defenders must stay calm and stick to their plan. When it comes to ransomware, forewarned is forearmed.

The worst-case scenario

There are several ways in which an organisation could end up a ransomware victim. RDP compromise, email phishing and exploitation of software vulnerabilities are still the top three attack vectors for threat actors. But the first the organisation may actually see of an attack is likely to be a ransom note on a networked PC – or potentially an entry in a ransomware data leak site detailing how much data has been stolen.

From the start, network defenders are on the back foot. They may have no prior experience of dealing with a ransomware breach. Their adversaries, on the other hand, are usually seasoned professionals with stacks of domain expertise. Their operations behave more like regular SMBs than one may imagine. And in some cases, their resources can match those of high-flying enterprises. One infamous group, Conti, reportedly spent $6m (£4.8m) annually on salaries, tooling and support services.

Many questions to answer

Victim organisations will have a relatively short time frame in which to act. This kind of time-based pressure is a classic social engineering technique designed to rush victims into making irrational decisions. A clock may count down the minutes they still have left to purchase a decryption key. Or for breaches where only data was stolen, until that data is ‘leaked’ to the world.

In the meantime, business leaders will be frantically asking their IT teams to answer their questions:

  • How do we deal with this?
  • Who can help us?
  • How much of the business is impacted?
  • How much data has been exfiltrated?
  • How much downtime can we expect?
  • Has the story been reported in the media/on social media?

Unfortunately, without a clear, pre-rehearsed incident response plan and team in place, such questions can be tricky to answer. And the threat actors will be doing what they can to continue wrongfooting their victims. Among the tactics designed to sow confusion and force payment may be:

  • Exaggerating how much sensitive data they have been able to exfiltrate
  • Threatening to launch a distributed denial of service (DDoS) attack
  • Contacting customers and partners and asking them to demand the company pays a ransom
  • Threatening to inform regulators about the breach

Such efforts are becoming increasingly persistent, and novel. In one case, a ransomware group hijacked a US university’s emergency broadcast system to send staff and students text messages and email alerts that their data was stolen and would soon be released. In another, they hijacked and defaced the victim organisation’s website to display a ransom note to the world. In a third case, a ransomware group claimed it was willing to alert crooked traders about a breach before it was made public, so that they could short the listed firm’s stock.

Such efforts have a single goal in mind: to throw a spanner in any recovery plans and put network defenders on the back foot. If they can frighten the organisation into paying the maximum ransom demand rather than a lower negotiated figure, all the better.

Struggling to respond

Organisations caught in this whirlwind of confusion will find it extremely difficult to successfully respond unless they have prepared for something like this worst-case scenario. Yet unfortunately, government data tells us that just a fifth (21%) of UK businesses even have an incident response plan in place, rising to 47% of mid-sized firms. Fewer than two-fifths (37%) have cyber-insurance.

This matters, because despite the news headlines, most ransomware victims are not big-name brands or government agencies, but SMBs. The median size for a breached organisation stood at just 230 employees in Q4 2023. Some 36% of victims in the period had fewer than 100 staff members. There is a ruthless logic to this. Smaller firms are less likely to have the resources and expertise needed to protect against ransomware attacks in the first place, or contain and recover from them rapidly if they are breached.

The truth is that no organisation is safe from ransomware today. But a compromise doesn’t have to precipitate an existential corporate crisis. The message is simple: plan today to avoid a whirlwind of pain tomorrow.

To find out more on what a ransomware attack could entail for your organisation, and how to mitigate and respond effectively, sign up to our forthcoming reality check webinar: Assessing the real impact of a Ransomware attack.

 


Copilot for Microsoft 365: Our first impressions

Copilot for Microsoft 365 was announced to much fanfare back in March 2023. It promises much: to free staff from the drudgery of day-to-day workplace tasks and in so doing unleash a new wave of productivity growth. But what’s the actual experience of using it like?

Our experts have had a few weeks to road test the tool. There are certainly some impressive features. But organisations should also be aware of what it can’t yet do, without them first spending significant extra time and resources on assessment and preparation of their data architecture.

What Copilot for Microsoft 365 does well

The bottom line is that Copilot for M365 can add value for employees using it for basic tasks in Teams, Excel, Word, Outlook and PowerPoint. In that respect, it could save users a few hours per month depending on their role. Here are our initial thoughts:

  • The potential for time saving is clear to see, but doesn’t feel like the finished article just yet
  • Preparation needs to be done; organisations shouldn’t just dive right in
  • Word and PowerPoint Copilot work especially well for inspiration and as a starting point in documents, but won’t give you what you want without manual intervention
  • It is worth the money. Even though we’ve not used Copilot to its full extent yet, users don’t need to save much time in their workload to see a return on under £30 a month
  • Time savings will just be the beginning. It could increase employee satisfaction, improve the quality of work and reduce digital debt
  • Remember that improper deployment without the right security measures may expose confidential company and employee details

Copilot for Microsoft 365 is particularly good at specific tasks/use cases. These include:

  • Effective meetings: Using Copilot in Microsoft Teams to take notes and produce summaries enables users to concentrate on presenting and engaging.
  • Data Analysis: Bulky spreadsheets are easily summarised using Copilot in Excel, whether that is producing diagrams, creating Pivot tables or projections.
  • Content Creation: Copilot in Word and PowerPoint is useful at providing starting documentation when users need inspiration, or for rewriting paragraphs with a different tone/language.
  • Email Processing: Copilot in Outlook can summarise emails when users have been out of the office, draft responses to emails, and rewrite emails with a different tone.

Where there’s AI, there’s risk

However, there is one major challenge for organisations wanting to jump into Copilot for Microsoft 365 from day one. It’s only as good as the policies and data they put in place. A lot of work needs to be done first to structure and segment corporate data correctly. This could run into the tens of thousands of pounds of consultancy work to review the data, understand how the organisation wants to structure it and then move it into the Microsoft cloud data storage ecosystem.

There’s a significant security and compliance dimension to this. Although we’re not talking about an open data ecosystem like ChatGPT (instead, data is restricted to an organisation’s Microsoft Graph and 365 apps) there is a risk of users inside the company accessing data they don’t have permissions to view.

Licensing costs and considerations

Setting aside the upfront costs mentioned above to get your data organised and structured, the licensing cost per user for Copilot for Microsoft 365 may feel significant, but it isn’t if organisations are genuinely saving those two hours per month per employee. Copilot is now available for just £27.30 per person per month, billed annually and upfront.

However, it’s worth remembering that licenses must be paid up front on an annual basis, and this will only get you the basic Copilot tool. Without an E5 license, organisations won’t have the required security functionality. There’s also functionality such as automatic subtitling of foreign language speakers that requires a premium Teams license.

Note that in order to benefit from those Teams capabilities listed above, the meeting organiser needs to have a Copilot license, which effectively means every employee needs one to be truly effective. This could significantly increase licensing costs across the organisation. Beware those hidden costs!

Organisations should also bear in mind that user training is key to learning how to work with AI and provide the right prompts to get the information you need. We found the effectiveness of Copilot initially lower than expected until we knew the right questions to ask. And whilst Copilot is still developing, some time efficiencies may be eroded as users are forced to chop and change between apps.

Getting started with some quick wins

That said, there are things organisations can do today to extract value from Copilot for Microsoft 365. Consider the following tasks:

  • Summarising large volumes of emails in the mailbox to catch up/prioritise quickly
  • Drafting new emails at speed
  • Recapping Teams meetings
  • Creating new images at speed
  • Summarising lengthy documents
  • Finessing/rewriting existing content with a specific tone/audience in mind

However, to gain true value from the product, organisations will need to:

  • Reach out to third-party experts to assess and prepare:
  • Structure and segregate relevant corporate data
  • Work out data security, privacy and compliance controls
  • Purchase Copilot for Microsoft 365 and any relevant additional licenses
  • Expand and extend with third-party plugins. As the ecosystem grows, this could add significant value

It’s worth noting (as with all things Microsoft) that the product is constantly evolving. Microsoft has recently announced incoming additional functionality, with Restricted SharePoint Search coming early April, focused on simplifying site audit permissions, and Copilot for OneDrive scheduled for release in late April / early May, which promises to help users quickly retrieve information from files stored in OneDrive.

Microsoft has several resources to help organisations discover how the Copilot tool works, how to prepare their tenant, and the technical onboarding requirements for IT admins.

If you’re looking to introduce Copilot for Microsoft 365 into your organisation, get in touch with QuoStar today. Our team of Microsoft experts are here to help you get started.

 

IT as business enabler: the technology opportunity for professional services

IT has traditionally had a reputation for micro-management. In too many professional services firms, the Department of No stood in the way of productivity and growth. But post-pandemic, things are changing. During that period, many boards and senior managers had a lightbulb moment – finally realising the value that technology can deliver to the firm.

To accelerate this path to progress, professional services organisations need to continue evolving how their IT department works, and what it is responsible for. In many cases, this will mean outsourcing more infrastructure.

A recent Saffery podcast featuring QuoStar’s Chris White and Saffery’s IT Director, David Fazakerley, has some fascinating insights on this topic.

The changing face of IT

To add true value to the post-pandemic professional services organisation, the IT department must change its role from technology provider to business enabler. As such, the role of CIO or IT director will evolve into one of translator: speaking the language of business to the board and of bits and bytes to the IT team.

There are three ways we can observe this change happening in organisations today:

Cloud: There was a time when IT managed everything in house. Now cloud services have matured, there’s little justification for such an approach. Public cloud infrastructure, private cloud (IaaS) and software-as-a-service (SaaS) can be highly cost-effective – enabling firms to scale up and down as required. And they are often more secure than anything that can be managed internally. Increasingly, cloud is seen as just another utility.

That frees IT from the operational shackles of keeping the lights on, to focus on a more strategic role. Today, IT’s role should be to select the right partners and providers to work with, understand what the firm’s employees need to maximise productivity, and deliver the best possible service for clients. Professional services firms aren’t IT shops. They’re lawyers, accountants and specialist consultants. So IT’s role at its core should be to support these client services via optimised use of technology.

Cybersecurity: Cyber-threats are surging amidst geopolitical uncertainty and a cybercrime underground said to be worth trillions annually. One vendor blocked 85.6 billion threats in the first half of 2023 alone. Government figures from April 2023 reveal that over half of medium (59%) and large (69%) UK businesses suffered a serious cyber-attack or breach in the previous 12 months.

Professional services IT teams aren’t equipped to handle this deluge all by themselves. Instead, their job is to educate users, understand the organisation’s risk appetite, and outsource where necessary to providers with the requisite skills, resources and technology. It’s about building a cohesive hybrid team, so that when the worst-case scenario occurs, everyone knows their role and can react quickly in order to rapidly contain and recover.

It’s also about recognising that not all of cyber-risk management is a matter of putting in place another firewall or a web filter. The human-shaped problem continues to be a major risk factor, in the form of social engineering and phishing. And that can’t be solved by technology alone. It’s a problem set to get much worse with the advent of generative AI (GenAI), which will democratise the ability to launch highly convincing phishing campaigns in multiple languages.

Security awareness and training programmes will therefore be an increasingly important part of risk mitigation in professional services firms. To stand any chance of success, lessons must be run in short, sharp bursts, contain real-world simulations and cover the whole organisation, from boardroom down to contractors and part-timers. And any courses must be run continuously: as long as the bad guys keep innovating, there’s always something new to learn. Once again, the value from IT will come from choosing the right third-party provider to supply these capabilities.

In short, effective cybersecurity is firstly about stopping the bad stuff getting in. If that isn’t possible, the focus should be on limiting the damage once threat actors are inside the network. And if they are able to cause any damage, ensure the organisation can recover as quickly as possible with enhanced resilience.

Artificial intelligence: AI has the potential to transform professional services, especially generative AI (GenAI) of the sort pioneered by ChatGPT. But there’s also a lot of froth and bluster in the market. And the risk of accidentally exposing sensitive information or believing GenAI-generated falsehoods is high. This could have a potentially serious impact on corporate reputation.

Once again, the IT department’s role is not to build its own large language model (LLM) or chatbot tools. It is to assess what’s available on the market and advise the business about possible solutions that match the organisation’s risk appetite. There’s also important work to be done in updating policies, to ensure employees understand what they can and can’t do.

Saffery’s Fazakerley explains that he has been on a steep learning curve over the past few months, familiarising himself with GenAI. The key to optimised use is understanding where GenAI’s strengths and weaknesses are, which is why the firm uses Microsoft Copilot secured within an Azure tenancy, so any sensitive data inputted via prompts isn’t exposed to the wider world.

Fazakerley claims it has transformed and enriched his search experience. And whereas it may not be advisable to generate content on tax advice, it has been extremely useful at summarising existing advice in a more accessible language that clients may better understand. In that way, it’s helped Saffery think differently about how it interacts with clients, to change engrained habits. For that reason, the tech has already garnered significant enthusiasm from non-IT members of staff, which is a rarity, he says.

The road ahead

This is a vision of IT fit for the digital age: as a core business-enabling function. It imagines an IT department focused on how to optimise the organisation’s use of technology, so it can deliver the best possible client service. And on explaining to the board where and how this tech is generating ROI.

To find out how QuoStar can help your professional services organisation, get in touch today for a complimentary strategic review with Chris White or another of our C-suite consultants. They’re on hand to deliver the strategic leadership mid-sized companies need to transform their IT function, and align it with long-term business objectives.