by Joanie Mann, director of cloud delivery
QuickBooks Shared Hosting Companies Increasingly Falling to Malware Attacks
Application hosting platforms, particularly those publicly providing hosting services for QuickBooks and other desktop software, have been falling prey to malware attacks with increasing frequency. In the recent past, four high-profile QuickBooks hosting providers experienced malware-caused outages that left customers not able to access their accounting data for days or weeks and in some cases even lost customer data. The outages impact direct businesses and accounting professionals, some losing data and facing possible disclosure requirements due to tax, financial or personal private data exposures. The largest of the shared hosting providers has told customers they can only be connected for a couple of hours at a time (to enhance security or reduce user load?), interrupting EDI and ecommerce integrations that require a constant connection to keep information flowing in and out of QuickBooks.
Malware and other threats keep getting more advanced and IT professionals are having a tough time keeping up.
In hosted platforms where customers are logging into shared app servers, the fact of the sharing creates vulnerabilities that smart coders take advantage of. Vulnerabilities often rest with network security and domain architecture when there is resource sharing at any level.
Even when a provider offers a customer a “virtual private server”, the machine is often connected to the same network, domain controllers or backup system as other customer servers. One misstep – an excessive permission or a network share left visible – can introduce vulnerabilities in the system that take out services for all customers connected to the resources. When backups are stored on the same shared network, they also become vulnerable.
The shortcomings of the service may not be visible when it works.
Providers may sell the service as a comprehensive IT solution, yet they often fail to disclose the limitations of the backups they perform. The belief is that the service provider is doing whatever is necessary to protect the customer’s data from loss or destruction. The reality is that the service provider is doing backups to make it easier for them to restore normal services to customers but not necessarily as a business disaster recovery or continuity service for the customer.
Customers learned this when their service providers were unable to recover backed up data and suggested that customers should restore their local backups to the hosting platform in order to get back up and running!
To minimize the potential for malware to damage the network, some service providers impose restrictions on what applications customers can use on the platform.
Because email represents one of the main entry points for malware, some service providers simply do not allow customers to access their email from the hosting platform directly. However, that is not realistic, as many business processes involve email, and removing that functionality from the environment can be disruptive to the workflow, altering productivity.
Another approach is to place time limits on connections, forcing users to reconnect and log back in after a certain number of hours. This is also very disruptive to processes that require persistent connections. Syncing with ecommerce sites to import orders, process shipments or payments or other activities that require staying connected are unable to function when a session is logged off.
The best answer is service that is truly private for the business.
Having a cloud solution dedicated to serving the needs of one business does not require purchasing servers and space in a datacenter. Noobeh deploys services on the Microsoft Azure cloud, and uses private tenant accounts to make sure each company’s business stays truly private.
If a business has an Office365 or Azure account, we provision services directly into it. If a business does not already have a Microsoft account, we create one for them and then provision the services. In all cases, the services are created in the customer’s own Microsoft account, ensuring privacy and long-term manageability.
Users need to be able to access the full realm of business applications required to do their job.
Noobeh cloud services allow businesses to deliver all the apps users need. Email clients, connected applications and web extensions are all able to be deployed on the Noobeh cloud platform. Noobeh takes steps to protect each customer’s data with on- and off-platform backups.
Noobeh’s QuickBooks on Azure services deliver the privacy and fault tolerance businesses need.
With Noobeh, businesses can have affordable, private cloud services at rates comparable to servers from shared hosting providers. The Azure platform offers more redundancy and scalability than other platforms and allows customers to have more control over their own hosted resources because they are not impacting other customers with their actions.
There was once a time when shared hosting was the only affordable way for a small business to run their desktop applications in the cloud. Technology has evolved and too many service providers have not evolved their platforms along the way. Rather than focus on datacenters and hardware, Noobeh attends to the configuration and ongoing management of client systems and software. Taking advantage of the features of the Microsoft Azure platform, Noobeh customers benefit from the tremendous investments made by Microsoft in security, redundancy, fault tolerance and platform management.
Noobeh cloud services delivered on Microsoft Azure help businesses modernize their systems to keep QuickBooks, MS Office and all other desktop applications up and running with better data security and system redundancy, all leading to increased productivity and better business performance. Call us today to get started.
