Avatara CompleteCloud: Response to Kaseya Breach

July 10, 2021
Posted in News, Resources
July 10, 2021 computer.engineer

You have probably taken note of the press reports over the last few days related to the breach of the Kaseya management platform and the use of this breach to deliver ransomware to over 1500 businesses whose Managed Service Providers (MSPs) used this particular module, which allowed them to manage on-prem servers and systems for their customers.

Rest assured, the CompleteCloud system and the data that it holds are not in any way affected by these events. CompleteCloud is specifically designed to avoid these commonly used generic system tools and public cloud repositories that have been exploited in these attacks.

We highly encourage all CompleteCloud customers to use our entire Managed Security Suite, use multi-factor access, use strong passwords, and ensure cybersecurity awareness training for staff. If you have been directly affected by this attack, please reach out to Booker DiMaio ASAP so we can work with you protect your assets as needed.

Breach Background

Kaseya is a broadly used management tool frequently seen used by MSPs to facilitate their server and desktop management products. The perpetrators in this case devised an attack that gave them access to these systems and used that access to deliver ransomware payloads to end customers of those MSP, as well as the systems of the MSP themselves, including in some cases hosted backup systems and other ancillary services.

Fallout continues from biggest global ransomware attack – News Break

Kaseya VSA Supply-Chain Ransomware Attack – Community Security Blog

How CompleteCloud Stays Secure

CompleteCloud is a proprietary private cloud platform engineered from the ground up with security as a core design principle. As a private instance, all data resides only in Avatara’s CompleteCloud systems. CompleteCloud does not use any third party or public cloud data repositories or any technology components where customer data resides on third party systems. This includes our security, secure file sharing archiving, backup, and other component systems. This design approach allows CompleteCloud to completely control the location and security of all critical data.

The CompleteCloud platform uses sophisticated automation, monitoring, and provisioning systems to ensure consistency and compliance. These systems are all internally developed and linked into our private infrastructure. There are no “off the shelf” management platforms employed, and any third-party product components are engaged via secure API and not incorporated into the core system.

CompleteCloud does not use ANY third-party services that have a two-way data path to customers. When external vendors are integrated, such as with partnership with AlertLogic, private systems in each customer’s secure data center environment deliver OUTBOUND telemetry as required to those vendors. No unattended inbound access is allowed, and all server access of any kind requires MFA.

CompleteCloud is the only completely private and secure by design platform in the industry. We leverage proprietary technology and years of high security operations experience. We avoid, by policy, commonly used generic components and public cloud repositories. These core principles enable CompleteCloud customers to comply with a wide range of security frameworks and remain assured that their data is secure in a rapidly changing threat environment.

This is an Avatara CompleteCloud notice sent on Friday, July 9th and edited by Booker DiMaio.

, ,