A Crypto-locker virus was triggered by an employee opening a seemingly innocent attachment. The virus slipped through the network defences and overnight began to attack and lock City Sales’ file server, paving the way for the hacker to demand a ransom to unlock the server.
Instead, within an hour of detecting the attack, CodeBlue had restored the locked files from backup and deleted the virus. Normal network access was resumed with no loss of data and with barely a blip in City Sales operations.
A big factor in the speedy recovery was the work done in response to a similar Crypto-locker virus attack earlier in the year on the RDS Server which began to compromise the Application Server. Although no data was lost, and City Sales’ systems were back up and running within hours, it sparked CodeBlue to further strengthen cyber defences by increasing backup frequency to two-hourly intervals, adding its new Internet Shield defensive layer, and reviewing processes and policies, including staff education.
Resident on the applications server was City Sales’ most valuable IT business asset – a unique database holding full details on more than 26,000 apartments across almost 500 buildings.
Without that database – painstakingly compiled since City Sales was founded in 1991 as Auckland’s first specialist apartment sales, renting, leasing and management company – the business would be seriously threatened.
For City Sales Director Shelley Dunn the cyber attack was just another routine IT issue successfully resolved as part of a close partnership developed since CodeBlue took over management of her IT infrastructure.
Back then, City Sales had been struggling to find the right IT service partner fit for its rapidly growing business.
“We had used several IT companies and were not happy with their services,” Shelley Dunn recalls. “CodeBlue was recommended by one of their clients. But we also looked at other options. We chose CodeBlue because we felt they were the best fit for our business in terms of being interested in it, having experience in similar sized businesses, being prepared to work with us as we were at the time and take time to get to know us.”
What City Sales wanted, CodeBlue has delivered. On engagement CodeBlue went through a process of understanding City Sales business. This was the beginning a continuous improvement process designed to give City Sales the best possible value from its IT infrastructure investment.
CodeBlue’s City Sales Account Manager Richard Watt takes up the story: “We started out by stabilising their existing infrastructure. This included urgent work to protect their data, such as offsite backup, first level antivirus and anti-spam defences;Service desk support followed to identify and fix problems quickly.
“We then worked with Shelley to plan and implement a major refresh of their infrastructure designed to give them a much more robust environment, with state of the art monitoring to identify faults before they occur; This gave them a much more economical, higher value IT environment.”
The new infrastructure is now fully operational, including a rolling upgrade of desktop and mobile devices which is ongoing, standardising on high performance HP ProDesk and HP Z230 workstations as well as HP Elite series laptops for agents out in the field. “The x2s will be used by staff members that need to travel – our senior leadership team will be the main users – allowing them to be more mobile, efficient and productive. For example, if someone is travelling, they will be able to login to the network, and work remotely, wherever they are,”
An important strategic objective of the infrastructure refresh was to give City Sales staff safe, flexible and mobile solutions which has been achieved through working with HP. With all sales staff now using HP devices it has allowed greater mobility and flexibility when working outside of the office and with CodeBlue’s Internet Security Protection enabled on these devices it has helped reduce the risks of security breaches outside the network.
This was handled as part of CodeBlue’s ‘defence in depth’ DR and cyber security services which include very high data resilience via high frequency server backups held off site. This extends to intrusion protection at all access points. Internet access and firewall security, as well as the latest email security. The highly sophisticated email security and email management solution sets and monitors email ‘rules’ to protect against sensitive information leaving the network. It also features virus and spam filtering of both inbound and outbound email.