Contact Us      General Enquiries: +44 (0) 1273 834 000   Support / Service Desk: +44 (0) 113 360 9696

PAV IT

  • About Us
    • PAV GDPR Statement
    • Company History
    • Careers
  • IT Certainty
    • Legal Sector
    • Manufacturing Sector
    • Customer Testimonials
    • Case Studies
  • Services
    • IT Support & Monitoring
    • Project Delivery
    • Cloud Services
    • Backup and Disaster Recovery
    • Application Packaging
  • News & Events
    • BLOG
    • Events
    • Newsletters
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance
CONTACT SALESsupport
  • Home
  • Our latest Blogs
  • Blog
  • UK’s National Health Service Embraces Microsoft 365 Security and Productivity Services
March 4, 2021

UK’s National Health Service Embraces Microsoft 365 Security and Productivity Services

Tuesday, 23 June 2020 / Published in Blog, Microsoft

UK’s National Health Service Embraces Microsoft 365 Security and Productivity Services

As the UK’s National Health Service embraces Microsoft 365 security and productivity services, there are lessons from WannaCry and Exchange Online downtime for protecting critical national infrastructure.

In a time when effective healthcare has become the number one global priority, it’s absolutely critical we ensure the resilience of these services from attack or technical failure.

It’s on this backdrop that I consider the announcement this week, that a deal struck between NHSX, NHS Digital and Microsoft, will save the NHS hundreds of millions of pounds while giving 1.2 million staff access to Microsoft 365 security (formerly known as Office 365) and productivity tools. This will include GPs, consultants, nurses, therapists, paramedics and support staff, who will all have access to services within Microsoft 365.

Make no mistake this is positive news. Digital transformation in UK’s healthcare system is a mammoth and much-needed undertaking – one that certainly will bring many benefits to improve productivity, collaboration and better health outcomes for patients. For example, Microsoft Teams has already been used across many NHS organizations to collaborate, share information securely and support new ways of working during the COVID-19 pandemic.

But as recent Microsoft service outages remind us, no one IT system is infallible and every organization needs a business continuity plan for when key services fail.

Exchange Online Downtime

On Monday, thousands of Microsoft 365 users in Australia and New Zealand reported problems accessing the service just as the working day started. Later in the day, similar issues started occurring in Europe. Both incidents were thankfully remediated within a few hours.

Frustrated IT professionals took to social media to share stories of frustration, SLA advice and memes to let off steam. And there was nothing they could do but wait until Microsoft acknowledged and then fixed the problem.

Wait a minute… or was there something each IT team could have done?

This is yet another prime example what happens when you flatten all of your protections, services and applications into one dependent system. Microsoft 365 security concerns aside, every IT leader today grew up knowing the need for independent backup and continuity when their systems were on-premises.

However smart that new cloud system is, human error or technical failure can occur, leaving you at the mercy of your outsourced vendor. The productivity gains you made from moving to cloud suddenly start to dissipate and the reputation of cloud services overall take a hit.

It’s up to each individual organization to measure the risks of third-party service outages and consider an appropriate backup plan. That’s not Microsoft’s problem but yours, the IT professional – and it needs to be planned and rehearsed in advance.

That risk measurement will of course vary between industries, size of organizations and individual management teams. Some fledgling firms may decide to gamble their uptime but as customer needs and brands reputations grow, demands for continuity move closer to that of critical public services.

Flashback to WannaCry

Just over three years ago the WannaCry raced around the world, striking into the heart of Britain’s health service. The attack forced affected hospitals to activate major incident plans, closing wards and emergency rooms, canceling routine appointments and diverting ambulances to neighboring unaffected hospitals. Doctors’ practices and pharmacies reported similar problems.

Government estimates on the financial cost of the attack were placed in two broad categories: during the attack and the recovery period in the immediate aftermath. Firstly, it was estimated that there was approximately £19m of lost output – based on 1% of care disrupted over a one-week period. They then accounted for £73m in additional IT costs.

When WannaCry struck, the NHS still ran 4.7% of its machines on XP, despite Microsoft having ceased support for the software back in 2014. Now it’s Windows 7 that is outstaying its welcome and the new rollout of Microsoft 365 will now ensure IT systems that haven’t yet been upgraded to Windows 10, will be.

Own your own uptime

The lesson here is that every new service you rely on brings new risks of dependency. Microsoft Teams has already had a number of outages during the pandemic. Email infrastructure is inherently complex and cybercriminals consistently innovative. New weaknesses will be discovered and new mistakes made. Microsoft 365 security is improving but so are the advanced attacks we detect every day targeting the platform.

Earlier this month I wrote about the great cloud migration and the need for a prepared-for-anything mindset. This approach requires defense-in-depth security thinking, steadfast continuity systems and regularly updated (and tested) business continuity plans.

We need to accept that communication service downtime for the NHS could have a direct impact on the delivery of vital services to the community. Any organizations moving to Microsoft 365 security and productivity services, especially part of the Critical National Infrastructure, should still be on the hook for their own business continuity and resilience.

It’s not up to Microsoft to begin planning for the next event that affects our organizations. That’s on us.

by Richard Botley
Senior Security Writer

Original article can be found HERE.

Tagged under: Microsoft

What you can read next

HP Secure Trade In
INTRODUCING MERAKI TRUSTED ACCESS
Understanding the Evolving Security Threats to a Remote Workforce

Recent Posts

  • Introducing SecureX

    Making Security an Enabler, so Your Business Ca...
  • The Reality of Delivering Successful Productivity and Automation Projects

    Productivity and Automation projects have been ...
  • Improving Threat Detection Through Integration

    The Value Of Cybersecurity Tools Can Be Greater...
  • Small Businesses are Facing Big Cybersecurity Challenges in 2021

    Lots of things have changed in the past year, b...
  • Designing in Automation and Productivity to Support the Modern Workplace

    With the advent of WFA (work from anywhere), th...

Categories

  • Blog
  • Cisco
  • Events
  • IT Certainty
  • IT's About Time
  • Microsoft
  • Networking
  • News
  • Newsletters
  • Other News

A leading IT infrastructure solution and support provider that has been delivering flexible and modular solutions and consultancy to businesses across the UK since 1988.

GET IN TOUCH

  • General Enquiries: +44 (0)1273 834 000
  • Support Desk: +44 (0)1273 834 433
  • Email: info@pav.co.uk
  • PAV I.T. Services
  • Mending Rooms, Sunny Bank Mills, Farsley,
  • Pudsey, West Yorkshire, LS28 5UJ
  • View on Google Maps
  • About Us
    • PAV GDPR Statement
    • Company History
    • Careers
  • IT Certainty
    • Legal Sector
    • Manufacturing Sector
    • Customer Testimonials
    • Case Studies
  • Services
    • IT Support & Monitoring
    • Project Delivery
    • Cloud Services
    • Backup and Disaster Recovery
    • Application Packaging
  • News & Events
    • BLOG
    • Events
    • Newsletters
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance

Pav IT © 2019 All rights reserved.

  • GET SOCIAL
TOP