Monsters of Our Own Creation

It could hit almost anyone: a wrong click, a stupid mistake and boom. You fell victim to a nasty piece of ransomware. Or any kind of trojan.

You have certainly heard about all the recent cases of ransomware spreading. It’s anything but funny when it happens, and there are many ways the user of the system might have been tricked into getting it on his or her machine.
The impact can be quite devastating, actually.

Trojans and worms have been wreaking havoc on servers and end user systems for a long time, only it appears the attacks just keep getting nastier.

Ransomware is taking things to a more professional, large-scale monetization model. Unfortunately.

Unfortunately because of the sad fact that this is how some individuals/gangs want to earn their money. Unfortunately as well because most corporate infrastructures have built up many monsters of their own over decades.
Starting from more or less well-managed servers to custom solutions nobody really understands in full depth anymore. It goes all the way to the laptops and PCs of the employees, bursting with tools that are all aiming at providing that aura of protection and control.
Meanwhile, the many tools that slow down these machines might in fact not be properly patched and supported, and be a hell’s gate of their own sort.

By the time you find out what these machines are really being used for, things turn out to be really simple most of the time.
We are talking some spreadsheet magic, text editing, working with forms. And yes, printing stuff, as that is still a thing in 2017, which is sad.
How much access to the underlying OS do you really need for accomplishing any of that?
Turns out, very little. A modern web browser and some useful online tools like those from Office 365 or Google Cloud are capable enough.

And if you embrace that idea, many office workstations could easily get away with - dare I say! - Chromebooks or Chromeboxes.
In case you don’t know, those run a completely customized OS from Google, based on Linux, with plenty of extra bells and whistles to make them as secure as you could hope for.
Access to the underlying OS is limited, and the security concept makes it next to impossible to install software or run programs in an unauthorized fashion.
With the only exception being Chrome extensions, maybe.

Of course, again, these machines highly depend on cloud services by design. So yes, your networking should be well thought through and protected. That would always be the case, however, and even more so with a vulnerable, ill-patched, full-access OS.
(Windows XP will be a lucky target for many years to come, being no longer supported but still used widely.)

And of course the cloud service dependency raises extra concerns: Is that secure? What about data privacy?
Well, if you can manage IT security and data privacy well enough with your own homebrew tech stack, hopefully not running on a server under your office desk, then good for you. Chances are that what you deem good enough today is not good enough tomorrow, and contrary to the big cloud players you are probably not going to invest as much into data protection and IT security in general. (Unless that is your business, really.)
With that in mind, think again about how bad that dependency really is.

I have seen some emotional disputes about that, but hey - it’s all just a matter of investment and sustainability. That goes for both your productivity strategy and machine inventory as well as your open mind towards the merits of cloud computing.
For the first, what most people are using is not necessarily the best for your purpose - again, if browsing is all you need, why throw a full-blown, full-access machine at it?
For the latter, well, I guess there would be an epiphany waiting for you either way, sooner or later.

Stay safe!