
Patch Management, Protecting Against Ransomware and Virtual Desktop Infrastructure

Patch management program

"Patch management is a strategy for managing patches or upgrades for software applications and technologies. A patch management plan can help a business or organization handle these changes efficiently.

Software patches are often necessary in order to fix existing problems with software that are noticed after the initial release. Many of these patches have to do with security. Others may have to do with specific functionality for programs."

Source: https://www.techopedia.com/definition/13835/patch-management

Elements of a patch-management program include the following:

  • Security and Patch Information Sources 
  • Patch Prioritization and Scheduling 
  • Patch Testing 
  • Change Management 
  • Patch Installation and Deployment 
  • Audit and Assessment 
  • Consistency and Compliance 

Source: http://www.patchmanagement.org/pmessentials.asp

Ransomware attack

A ransomware attack happens when your own system is locked against you, or the files on your servers are encrypted, so that you cannot access them until you pay off the kidnappers.

Having your data regularly backed up, and held separately from the main data, is essential, since this allows you to recover and restore your data and get back into operation quickly.

Keeping frequent backups, held separately (and securely), is good practice in any case, so that you can also recover from other disasters such as fires or flooding.

Ransomware

"Spam emails loaded with ransomware - malware that scrambles data and demands a ransom to decode it - increased 6,000 percent this year compared with 2015, a new study from IBM Security found. Ransomware was in almost 40 percent of all spam messages in 2016. The problem is, the business model works: 70 percent of business victims paid the hackers to get their data back, the study found. Of those who paid, 50 percent paid more than $10,000 and 20 percent paid more than $40,000."

Source: http://www.cnbc.com/2016/12/13/ransomware-spiked-6000-in-2016-and-most-victims-paid-the-hackers-ibm-finds.html

For how to mitigate the effects see https://www.lexmundicollaborate.com/lexmundicollaborate/viewWikiPage.action?metaData.siteID=1499&metaData.wikiID=1901 

Microsoft Azure's Site Recovery

"Orchestrate your disaster recovery plan

  • Automated protection and replication of virtual machines
  • Remote health monitoring
  • Customizable recovery plans
  • No-impact recovery plan testing
  • Orchestrated recovery when needed
  • Replication to—and recovery in—Azure"

PC Mag says this in their review:
"Microsoft Azure is a cloud-based infrastructure and platform that can host 50+ integrated web services that you can mix and match to create a wide variety of business solutions. For those seeking Disaster Recovery as a Service (DRaaS) solutions, the right service to evaluate is Azure Backup and Site Recovery."

In addition to traditional online storage and backup-and-restore functionality, Microsoft Azure also provides web services for site-restore capabilities should you encounter a disaster scenario. You begin by creating your disaster recovery plans and storing them in the Microsoft Azure portal. These plans can be as simple as restoring a single site or as complex as restoring intricate multi-tiered workloads. You can use Azure-based automation tools or custom Windows PowerShell scripts to create and deploy your plans. Also, Microsoft Azure provides features to help you replicate your sites and workloads with minimal effort.

Microsoft Azure backup, restore, and site-restore functionality is very flexible. You can back up your data entirely to the cloud, to local resources, or a combination of the two. Azure backup services integrate with technologies like Microsoft SharePoint, Microsoft Exchange, Windows Server, Linux, Microsoft SQL Server, and more. Azure site restore supports the Hyper-V virtual machine (VM) hypervisor version 2012 on up, and VMware vSphere 5.x platforms, as well as distinct Hyper-V and VMware replication technology scenarios.

Flexible Backup and Restore

At its core, the backup and recovery features of Microsoft Azure begin with a secure Azure Backup Vault in the cloud. This vault is dynamic in size. Because it’s a service, you only pay for the amount of storage you use. Once you’ve created your Azure Backup vault, you can use several different Azure features to simplify both backup and recovery of your data. For example, you can schedule regular automated backups and throttle them so they take place when your network bandwidth is at a low usage state. You can also choose where your data backup resides. By default, Azure stores three copies of your data in three separate locations within a data center. You can optionally choose to have your data replicated to three additional locations in an additional data center in a different region than your first three copies.

When you use Azure backup and storage services, your data is encrypted both at rest and in motion. It’s also compressed to reduce network bandwidth usage and storage space. Some organizations have strict government or industry requirements regarding data retention, so Azure enables you to retain your data for up to 99 years.

Source: https://www.pcmag.com/business/directory/disaster-recovery/1856-microsoft-azure-backup-and-site-recovery

What is virtual desktop infrastructure (VDI)?

“Desktop virtualization, often called client virtualization, is a virtualization technology used to separate a computer desktop environment from the physical computer. Desktop virtualization is considered a type of client-server computing model because the "virtualized" desktop is stored on a centralized, or remote, server and not the physical machine being virtualized.

Desktop virtualization "virtualizes desktop computers" and these virtual desktop environments are "served" to users on the network. You interact with a virtual desktop in the same way you would use a physical desktop. Another benefit of desktop virtualization is that it lets you remotely log in to access your desktop from any location.

VDI (Virtual Desktop Infrastructure -- or Interface) is a popular method of desktop virtualization. This type of desktop virtualization uses the server computing model, as the desktop virtualization in this scenario is enabled through hardware and software. VDI hosts the desktop environment in a virtual machine (VM) that runs on a centralized or remote server.”

Source: https://www.webopedia.com/TERM/D/desktop_virtualization.html

What is a thin or zero-client?

“A zero client can also be called “an ultrathin client”. Just like a thin client, a zero client is a lightweight, fan-less computer that doesn’t have a hard drive, but connects to a server to perform its computing. Both zero clients and thin clients access hard drives in the data center by running Remote Desktop Protocols (RDP),”

Source: https://www.igel.com/what-is-a-zero-client/

Why move to thin or zero client desktop infrastructure?

"the appeal of a thin client system architecture does not depend merely on it being cheaper to purchase than a PC-based equivalent. The main attraction for IT directors is the opportunity to remove valuable software and data assets from the desktop and relocate them in the datacenter, where they are not only more secure but also easier and cheaper to manage and maintain.

'Manageability is one of the key benefits of a thin client, or network-centric architecture approach. Thin client computing offers centralized management, enabling rapid deployment of new applications, easier and faster support for end-users and greater control over the use of systems,' says David Angwin, senior regional marketing manager for EMEA at Wyse Technology."

Source: http://www.computerweekly.com/feature/The-return-of-the-thin-client

For more on desktop virtualizations