Latest news with #MicrosoftOneDrive
Time Business News
10 hours ago
- Time Business News
Top Cloud Malware Attacks Businesses Should Know About
Cloud computing is changing how we do business with higher flexibility, scalability, and cost savings than traditional infrastructure. However, this is providing new opportunities for criminals who are eternally looking to exploit weaknesses in cloud environments. Cloud malware is no longer a theoretical threat that persists in the cloud; it is using traditional security controls and lives in the same approved by your teams every day. The techniques that malware is using to deliver exploits through cloud environments are changing quickly and are becoming increasingly untraceable. Knowing how to protect your data from malware is not just good information; it is essential information that can be the difference between securing your operation and a catastrophic breach of sensitive data. One of the most prevalent attackis to upload dangerous files to reputable and known cloud storage services; including Google Drive, Dropbox, or Microsoft OneDrive; none of which receive the same level of security scrutiny as email. Cloud storage services do not require the traditional context of personal trust; they are inherently trusted by the users of the service. The danger is when those infected files are shared internally, amongst users, or externally with clients and partners. One document shared Ida file that has malware and is shared through your trusted cloud RFID cloud storage service can rapidly spread through the entirety of your organization, especially if your users are downloading and executing files without any validation. Most typical Halbumn security toolset region bind Found are usually overly stretched and unable to detect threats commingling in these environments because these platforms are perceived as trusted environments. Too many security solutions do not put the same effort into scanning files in the cloud that they put into scanning files that are email attachments or downloads from dubious sites. What you need to do is implement a comprehensive scanning solution that is designed specifically for cloud storage platforms that can detect suspicious content during the upload process and avoid spreading malicious files around your organization. Phishing campaigns aimed straight at cloud service credentials have evolved to be extremely sophisticated. Attackers create incredibly convincing fake log-in webpages, that mimic popular services like Office 365, Google Workspace, or Salesforce, leading employees to enter their username and password into the attacker controlled webpages. Once the attacker gets the stolen credentials, they can access your cloud accounts with no security alerts that would typically trigger for traditional security. The attacker can then use the information for many pernicious purposes – install malware, steal sensitive documentation, access communications between users, or even act as an authenticated user to launch attacks on other systems. These attacks provide great appeal to cybercriminals because the activity looks to external observers as if it is legitimate activity by a legitimate user. Standard security monitoring is unlikely to flag fallback activity suspicious because it is likely coming from an authenticated user with permission to access the data. So, yes, in addition to cyberattack exploitation of business communications and sensitive information of a business, when an attacker can get to the credentials and gain access to cloud-based systems they are likely in and permitted because they are (alternatively) logged into your cloud accounts! Multi-factor authentication is your best defense against credential based attacks. Even if they get your password, they will still need access to the second authentication process for log-in to their victim's system! Fileless malware is one of the more aggregated and sophisticated threats to cloud environments. As opposed to conventional executable files, these attacks run fully in system memory utilizing legitimate system tools and processes to execute malicious actions. In cloud environments, fileless attacks often exploit PowerShell scripts, Windows Management Instrumentation, or other administrative tools that are built-in to the system to run malicious code. Consequently, these scripts can remain undetected for long periods without leaving the conventional file signatures that antivirus usually looks for. Traditional antivirus solutions struggle significantly with fileless threats because there are no malicious files to scan. Furthermore, because the attacks run using legitimate system processes and tools, active detection will be extremely challenging with signature security-based forms of protection. Defense against fileless threats will require functionality for behavioral monitoring combined with threat intelligence that allows for risk patterns and behavioral anomalies, rather than just using file-based detection. Functionalities like behavioral monitoring can analyze system behavior to see when legitimate tools are being used maliciously. Software-as-a-Service integrations have created another attack vector that many organizations do not consider. Attackers create an application that looks legitimate and asks for OAuth permissions or other forms of integration access to popular platforms such as Slack, Microsoft Teams, or Google Workspace. Once a user accepts the integration, the attacker can gain access using the application's permissions without direct credential theft. The attacker could read emails, access files, read communications, or simply abuse the integration to get malicious software into the organization's environment. These attacks are particularly effective because malicious applications are often presented professionally, requesting reasonable permissions that look acceptable. For example, a user may not realize that by allowing an integration, they are granting access to an attacker, which then enables the attacker to operate in their cloud environment using real application credentials. Regularly reviewing authorized SaaS integrations should be included in the organization's standard security measures. Additionally, organizations should audit what applications have permission to access their systems, those permissions, and if the integrations are still needed and trusted. Cloud malware has progressed from being a niche concern to being a serious threat that affects small and large businesses. From fileless attacks that hide in plain sight to compromised SaaS integrations that are abusing legitimate permissions, cybercriminals are finding cunning means of infiltrating cloud environments. The solution to protection is remaining alert, educating your team on emerging threats, and implementing advanced security tools that are specifically built for cloud platforms. Understanding the threats and putting measures in place to limit exposure will help businesses proactively protect their resources and maintain their operational continuity. TIME BUSINESS NEWS
The Star
2 days ago
- The Star
Opinion: Learning to manage your cloud storage
The easiest way to copy your files from OneDrive back to your computer is to use a browser to log into your OneDrive and download the files. — Photo by Nick on Unsplash This week a reader is having a problem with Microsoft OneDrive. 'I had been keeping all of my files off of OneDrive successfully for several years. Somehow in the last year, all of my files, documents, photos, etc., have been moved to the OneDrive cloud storage. I want everything back and nothing left on the cloud. Each time I have followed Microsoft's instructions on how to do this, it doesn't work. It places everything back on my hard drive as 'copies' of everything in the cloud, leaving all of the originals on the cloud. I am at my wits' end! I want to turn OneDrive off permanently once I finally get everything back.' Not everyone is comfortable with their files being stored in the cloud. You can see what local folders are set to sync to the OneDrive cloud by clicking on the OneDrive cloud icon in your system tray and choosing the gear icon on the top right and choosing Settings. At the top of the Settings page is a button to Manage Backup, which is where you can pick which of your local folders are automatically synced to OneDrive. You can check here to see if your Desktop, Documents or Downloads folders (or others) are set to sync. Make your own choices here. You can also pause syncing all your files under the gear icon. The easiest way to copy your files from OneDrive back to your computer is to use a browser to log into your OneDrive and download the files. The OneDrive web interface will show you exactly what files are in the cloud. You can select the files and/or folders and click the download button. I recommend you save them to an external hard drive or flash drive. Once you have your files safely onto whatever drive you choose, you can unlink your PC from OneDrive. Under the gear icon, select the Account setting and click 'Unlink this PC.' Finally, you can uninstall OneDrive under your computer's Settings by selecting Apps or Apps & Features, then choosing Microsoft OneDrive from the application list, clicking on it and selecting Uninstall. – Tribune News Service
Entrepreneur
01-07-2025
- Business
- Entrepreneur
5 Data Backup Mistakes that Could Bankrupt Your Startup
From treating cloud storage as backup to neglecting encryption, these common blunders have shut down 51% of businesses within two years after data loss. Opinions expressed by Entrepreneur contributors are their own. In the current information age, data disasters have become the biggest threat to businesses. Based on a 2024 data loss statistics report, 51% of businesses that suffer data loss shut down within two years, and 43% never reopen their doors. Although most startups take the precaution of backing up their data, many of them do not do that properly. In this article, I will list five of the most common data backup mistakes that could derail your startup and how to fix them fast. Mistake 1: Taking cloud storage as backup One of the biggest misconceptions is taking data sync on cloud storage as an auto backup mechanism. Actually, Google Drive, Microsoft OneDrive and Dropbox are storage solutions, not backup solutions. Data sync helps when your local device is damaged or lost. But if you delete an important file on the local device by mistake, or your file is encrypted by ransomware, the copy on the cloud drive will also be deleted or encrypted. I've encountered many such cases. For example, a design company enables sync between the local drive and Google Drive. One day, the hacker attacks their local systems and encrypts all the drawing files. When they detect the attack, they resort to Google Drive, but only find that all the copies on the cloud are also encrypted! Solution: Find or implement a true backup solution that will create a separate and isolated copy of your data. The solution can be based on cloud storage. However, recent trends show ransomware will not only attack the original data, but also infect the backups. Therefore, to protect your backups from ransomware, it is better to make a backup that is completely physically isolated from your device and the internet. Related: 5 Reasons to Make Regular Data Backups a Part of Your Business Plan Mistake 2: Backup via copy Startups normally ask their employees to back up via copying files to an external hard drive, to save the cost of purchasing a professional backup solution. But this method has the following disadvantages: Over time, it will become more and more complex to manage multiple backup versions. Backing up duplicates files and data repeatedly in different backup versions, wasting a lot of time and unnecessary disk space. Solution: It is more cost-effective to choose a professional backup solution because it can: Manage the backup versions on different time points easily. Most of the solutions support incremental or differential backups, which will only back up the difference since the last backup or last full backup, saving a lot of disk space and time. Mistake 3: Manual backup Similar to mistake two, startups normally choose to backup manually instead of automating the process. But there are many problems with this method: Employees may forget to back up even if there is a regular backup policy. Due to human inertia, employees who initially follow the backup rules may gradually begin to slack off. The backup process will consume a lot of time and system resources, affecting the normal workflow of the employees. Solution: It is always recommended to automate the backup process, because: Data will always be backed up on the scheduled time, not affected by human factors. By scheduling backup time on off-business or off-peak hours, the backup process will not affect the normal workflow or the computer performance greatly. Even if you cannot automate the backup process completely, you should choose a solution that allows you to perform the backup via one-click or one-press instead of a lot of operations, which will make employees more willing to perform the backup regularly. Related: Why Every Small Business Needs a Backup and Disaster Recovery Plan Mistake 4: Backup without encryption Many startups will use various mechanisms to protect their sensitive data, such as privileged access management, multifactor authentication, etc., but neglect the protection of their backup data. Whenever the backup devices are lost, stolen, or the cloud data center for the backup is invaded by hackers, a data breach occurs. IBM report shows that the global average cost of a data breach in 2024 is 4.9 million USD. Other than financial losses, data breaches can also lead to compliance issues and may even result in business closure. Solution: Find a backup solution with encryption support. Make sure you: Use high-strength encryption algorithms. It is recommended to use AES-256 to encrypt and decrypt the backup data since it is fast and secure. Do NOT use obsoleted or insecure algorithms, such as DES and 3DES. Mistake 5: Backup without validation Completing a backup is not the end of your data protection journey — it's just the beginning. The next step is to validate the integrity of the backup data to make sure it can be restored successfully when needed. Validation is very important because: Backup is time-consuming and typically involves a huge volume of data, so any error in the process can corrupt the entire backup. With the elapse of time, the physical devices storing the backup data will deteriorate, causing data corruption. Solution: Find a backup solution that supports validation. And make sure you: Validate the backup immediately after a backup process completes. Validate the old backups regularly. If possible, automate the validation periodically. The startups that last longer are those taking data backup as the core part of their businesses instead of an afterthought. By checking and preventing the five mistakes in this article, you are planning for the worst and turning data vulnerability into resilience. Related: Create a Back-Up Plan for Your Data
Techday NZ
23-05-2025
- Business
- Techday NZ
Looking ahead: The future of AI-driven workflows
As a society, we have undergone a major transformation in just a few short years in the realm of artificial intelligence (AI). AI has moved from being a niche technological advantage to becoming a mainstream pillar of modern business operation. The question has transitioned from should we implement AI, to how we should implement AI in our businesses. This poses the question, how do modern businesses harness the benefits of AI efficiently, securely and with optimal integration into existing digital infrastructure? As we contemplate the future of business and where the evolution will take us, it's becoming clear that AI is poised to automate not only mundane, repetitive tasks but how we communicate, collaborate and add value. The transformation is set to be led by AI tools like chatbots, designed to integrate into existing workflows, streamlining operations and evaluating customer experience. The evolution of automation to workflow intelligence Legacy automation was marked by rigid systems that required intensive setup and ongoing maintenance. By contrast, today's AI technology brings with it contextual awareness that can interpret language patterns, anticipate user needs in real time and automatically adapt as needed. Businesses can now deploy sophisticated AI tools in minutes that support both internal functions and customer facing interactions seamlessly. Intuitive AI is democratising automation. Only a few short years ago, automation and AI was a luxury only afforded to large enterprises with similarly large budgets but now the benefits of AI can be extended to small and medium sized businesses at minimal costs. Failure to embrace the AI revolution means falling behind and losing your competitive edge. The emerging role of chatbots in businesses today It's becoming evident that the role of chatbots goes beyond simple digital assistance. Chatbots are becoming a business-critical workflow engine that reduces customer service loads, manages internal process compliance and facilitates employee training and onboarding. Looking to the next decade, we can expect to see chatbots take on more strategic roles. Even now, businesses are increasingly embedding automation into daily operations. Integration into common platforms like Microsoft OneDrive means that users can easily retrieve documents, trigger new workflows and even gain surface insights, all without leaving the chatbot interface. Imagine a sales team that can source product specification documents from OneDrive automatically, using a single chatbot. Or perhaps a customer support team member who can order a return of an item and have the logistics record updated, all with a single command. This might seem impressive now, but this degree of automation is soon to be the standard. Looking to the next decade Given the rapid advancement of AI since its inception, we can expect to see five key trends that will shape the next decade of AI deployment: 1. Hyper-personalisation at scale AI will increasingly create bespoke responses and actions to individual users, informed by contextual data and preferences. Chatbots will "learn" the working styles of each team member or customer, improving relevance and efficiency. 2. Cross-platform interoperability No single tool operates in a silo. The most valuable AI solutions will integrate with workplace ecosystems like Microsoft 365, Slack, and CRMs, becoming the connective tissue across different departments. 3. Voice activation and multimodal interaction The future isn't just text. Voice-enabled workflows, visual dashboards, and multimedia support will make AI interactions more natural and user friendly. 4. AI for compliance and governance We can expect AI tools to proactively guide employees through processes, flag risks, and ensure documentation is handled according to specific policies. AI will be a silent compliance partner, keeping teams on track. 5. More emphasis on ease of use and security While capabilities will steadily become more powerful, the user experience must stay simple and intuitive. Chatbots will lead the way with effortless, secure, and no-code deployment, ensuring the technology supports daily operations. Accessibility matters The future of AI hinges on widespread accessibility and simplicity. Small to medium sized businesses need tools that are intuitive, easy to integrate, require little training and provide immediate value. The next chapter of digital transformation will see AI working alongside humans to provide even greater value to business processes. Automating the mundane allows for humans to focus on more high value and creative activities. The next decade will be marked by smarter workflows that result in smarter outcomes. AI will no longer be an accessory to modern business; it will be the invisible engine that powers successful workflows. AI will pave the way for secure, scalable and intuitive solutions ready to power us into the AI driven future.
The Hindu
20-05-2025
- Business
- The Hindu
Salesforce introduces Agentforce in Slack
Salesforce has introduced a way to build task-specific digital teammates directly in Slack called Agentforce in Slack. Using these AI agents, employees can look for company data, access team conversations and move tasks ahead. On June 12, Salesforce will release Slack Employee Agent Templates to make the process easier. Agentforce is powered by role permissions and has access to your connected Salesforce Data Cloud Library, conversational Slack history and is integrated with the full Salesforce 360. The templates include Slack Customer Insights to summarises opportunities, updates CRM records and collects data using Salesforce Data Library, Slack Onboarding for helping new hires get answers on policies, look for experts and share their introductions while Slack Employee Help is a guide for support in HR, IT, legal and sales. To enable these agents, Salesforce has rolled out Enterprise Search that can search across third-party apps like Google Drive, Microsoft OneDrive etc as well as Slack context based on user permissions so that the agent offers relevant context and asks for user permissions when prompted. Users can also make their prompts for certain tasks shareable for general awareness within the company.
