KPMG Blunder Proves Microsoft 365 Needs Backup (Cloud Disasters)
In this shocking episode of The Backup Wrap-up, we delve into the jaw-dropping data loss disaster that struck global consulting giant KPMG at the height of the 2020 pandemic. With one errant click, a Microsoft 365 admin accidentally wiped out months of critical Teams chat data for a staggering 145,000 employees.
Join host W. Curtis Preston as he unravels this extraordinary tale of digital destruction and explores the crucial lessons it holds for organizations relying on Microsoft 365 and other SaaS platforms. Curtis breaks down the differences between retention policies and actual backups, exposes common misconceptions about cloud provider data protection responsibilities, and highlights the potential legal and compliance nightmares that can arise from such catastrophic data loss.
If you're using Microsoft 365 or any SaaS application, you can't afford to miss this vital wake-up call. Tune in to discover why a robust third-party backup strategy is essential, no matter how big your company or how reliable your cloud provider seems. Learn from KPMG's misfortune and ensure your organization's critical data is always protected, in the cloud and beyond.
Don't become the next cautionary tale – listen now and secure your SaaS data before it's too late!
Mentioned in this episode:
Blank Midroll
Speaker:
Imagine this.
Speaker:
You're in the middle of a really important conversation in Microsoft teams.
Speaker:
You spend several minutes typing up a response that
Speaker:
will finally make your point.
Speaker:
But the moment you hit enter the message disappears.
Speaker:
And it turns out.
Speaker:
So did everyone else's responses?
Speaker:
Then you find out that every single conversation in Microsoft, 365 is gone.
Speaker:
That's what happened to 145,000 KPMG employees, right in
Speaker:
the middle of the pandemic.
Speaker:
The Microsoft 365 admin was trying to delete a single user's chats
Speaker:
when they actually deleted the entire company's data instead.
Speaker:
And today's episode, we'll dive right into this jaw-dropping data disaster
Speaker:
and see how it serves as a powerful reminder of the importance of backing
Speaker:
up your cloud and SAS environments.
Speaker:
We'll be discussing how Microsoft retention policies are not backups.
Speaker:
This story proved my point.
Speaker:
This episode is the latest in a series of cloud disasters.
Speaker:
Companies that lost everything because they misunderstood
Speaker:
how backups work in the cloud.
Speaker:
We've already covered some major cloud vendors like AWS, Google, and OVH.
Speaker:
Now it's, Microsoft's turned.
Speaker:
If you hear this story and still think you don't need to back up Microsoft 365.
Speaker:
I just don't know what to say.
Speaker:
Hi, I'm W, Curtis Preston.
Speaker:
AKA Mr.
Speaker:
Backup.
Speaker:
30 years ago, my employer lost their purchasing database.
Speaker:
When it turned out, my backups were broken.
Speaker:
I vowed that would never happen to me again.
Speaker:
And now I try to do the same for those who read my books and listen to my podcast.
Speaker:
I want to turn you the unappreciated backup admin into a cyber recovery hero.
Speaker:
This is the backup wrap up.
Speaker:
W. Curtis Preston: Welcome to the show.
Speaker:
I'm your host, w Curtis Preston, AKA, Mr.
Speaker:
Backup, and with me, I have what I hope to be.
Speaker:
My personal non-ad advisor on taxes
Prasanna Malaiyandi:
Is it that time of year, Curtis?
Prasanna Malaiyandi:
W. Curtis Preston: is that time of year.
Prasanna Malaiyandi:
Um, although, although I have to say I have.
Prasanna Malaiyandi:
I I, this will be a complicated year, right?
Prasanna Malaiyandi:
Due to a variety.
Prasanna Malaiyandi:
A variety of things, right?
Prasanna Malaiyandi:
The interesting year of employment and non-employment and contractor
Prasanna Malaiyandi:
work that I did last year.
Prasanna Malaiyandi:
So let me get, are your taxes like already done?
Prasanna Malaiyandi:
Uh, no comment.
Prasanna Malaiyandi:
W. Curtis Preston: Okay.
Prasanna Malaiyandi:
I just, you just seem so put together with this whole tax thing that I
Prasanna Malaiyandi:
figured that by now you'd be done
Prasanna Malaiyandi:
so I, I was just waiting for the last of the paperwork,
Prasanna Malaiyandi:
but I am one of those crazy people who sort of pre-plan everything.
Prasanna Malaiyandi:
So,
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
You got spreadsheets and stuff.
Prasanna Malaiyandi:
so usually I know more or less where I'll land
Prasanna Malaiyandi:
based on pay stubs and it's just the final bits of like interest and
Prasanna Malaiyandi:
dividends and other things like that.
Prasanna Malaiyandi:
W. Curtis Preston: You probably wouldn't be sleeping at night if you're in
Prasanna Malaiyandi:
my situation right now because I'm.
Prasanna Malaiyandi:
well, yeah.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
I don't know how you do that.
Prasanna Malaiyandi:
I, so I should say that 99.99999% of the people are like you,
Prasanna Malaiyandi:
W. Curtis Preston: I think, I think you're right.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
In fact, in fact, I know based on my work with, uh, Intuit back 25 years
Prasanna Malaiyandi:
ago, that like they were saying, if I recall correctly, it was like
Prasanna Malaiyandi:
something like 90% of their business on TurboTax occurs within like the
Prasanna Malaiyandi:
last three days before April 15th.
Prasanna Malaiyandi:
Prasanna Malaiyandi (4): Doesn't surprise me.
Prasanna Malaiyandi:
One challenge too is there's a lot of fraud.
Prasanna Malaiyandi:
So someone takes your social security number files.
Prasanna Malaiyandi:
A fake tax return.
Prasanna Malaiyandi:
Gets the refund.
Prasanna Malaiyandi:
W. Curtis Preston: that's, that is really hard to recover from.
Prasanna Malaiyandi:
Yeah, you know what else is real hard to recover from?
Prasanna Malaiyandi:
What?
Prasanna Malaiyandi:
W. Curtis Preston: deleted data in a SaaS provider that you don't have a backup of.
Prasanna Malaiyandi:
See that segue?
Prasanna Malaiyandi:
You're proud of that segue.
Prasanna Malaiyandi:
Look at
Prasanna Malaiyandi:
good.
Prasanna Malaiyandi:
W. Curtis Preston: So this will be a part of our continued series on
Prasanna Malaiyandi:
why you should back up the cloud.
Prasanna Malaiyandi:
And you know, the cl there, there's a bunch of different parts of the cloud.
Prasanna Malaiyandi:
Uh, today we're gonna be talking about a, a SaaS provider, possibly
Prasanna Malaiyandi:
of the biggest SaaS providers,
Prasanna Malaiyandi:
Prasanna Malaiyandi (4): I think they're one of the most valuable
Prasanna Malaiyandi:
companies in the world right now.
Prasanna Malaiyandi:
W. Curtis Preston: So that would be Microsoft.
Prasanna Malaiyandi:
And I remember in the, you know, my days at Druva, this was what
Prasanna Malaiyandi:
we saw as like one of the biggest greenfield environments because hardly
Prasanna Malaiyandi:
anybody backed up Microsoft 365.
Prasanna Malaiyandi:
don't need to back up Microsoft 365 Curtis,
Prasanna Malaiyandi:
W. Curtis Preston: Right?
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
you reach
Prasanna Malaiyandi:
W. Curtis Preston: Uh.
Prasanna Malaiyandi:
strangle me through the video.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, and, and the thing was, it was, it was super
Prasanna Malaiyandi:
difficult for me as a person who has dedicated their career to backups.
Prasanna Malaiyandi:
I really don't understand the people that have migrated to a SaaS provider
Prasanna Malaiyandi:
have migrated any portion of their.
Prasanna Malaiyandi:
IT infrastructure to some type of other provider of any kind, whether it's a,
Prasanna Malaiyandi:
you know, I, a s, past SaaS, whatever, and didn't check this box, right?
Prasanna Malaiyandi:
Didn't ask how does backup and recovery work there?
Prasanna Malaiyandi:
Right?
Prasanna Malaiyandi:
What's the thing that didn't look in the service agreement, didn't do any
Prasanna Malaiyandi:
testing of any backup, let's delete.
Prasanna Malaiyandi:
Something and then restore it and, right.
Prasanna Malaiyandi:
I, I like, I mean, I, I've known for a long time that people hate backup.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Nobody, nobody wants to do
Prasanna Malaiyandi:
I am sorry Curtis.
Prasanna Malaiyandi:
W. Curtis Preston: yeah.
Prasanna Malaiyandi:
Nobody, yeah.
Prasanna Malaiyandi:
Nobody wants to be the backup person.
Prasanna Malaiyandi:
Uh, that's how I got my job.
Prasanna Malaiyandi:
That's how I got my first job, was the, you know, Ron Rodriguez didn't
Prasanna Malaiyandi:
want to be the backup guy anymore.
Prasanna Malaiyandi:
And so that's how I got my job.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
And that's how, that's how many of our listeners got their jobs.
Prasanna Malaiyandi:
Uh, and it's how.
Prasanna Malaiyandi:
Much of the cloud migration has happened, right?
Prasanna Malaiyandi:
It's people move to something like Microsoft 365, and I do know for a fact
Prasanna Malaiyandi:
that some Tams technical account managers at Microsoft 365 have uttered words to
Prasanna Malaiyandi:
the effect that they don't have to worry about backup, and that's one of the
Prasanna Malaiyandi:
reasons that they should migrate to 365.
Prasanna Malaiyandi:
They're, they're wrong.
Prasanna Malaiyandi:
They don't do it in writing,
Prasanna Malaiyandi:
This isn't unique to Microsoft 365 a SaaS or path,
Prasanna Malaiyandi:
because do you remember back in the day with virtual machines, right?
Prasanna Malaiyandi:
And VMware, right?
Prasanna Malaiyandi:
They had the same message as well, right?
Prasanna Malaiyandi:
And it wasn't until people were like, Hey, I'm now using this for
Prasanna Malaiyandi:
production workloads and I really should care about how I back it up.
Prasanna Malaiyandi:
And then that spurned sort of, okay, Veeam came along along
Prasanna Malaiyandi:
with other backup vendors, right?
Prasanna Malaiyandi:
Figuring out how to optimize it and make it better.
Prasanna Malaiyandi:
But the initial ones you never had backups.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
Backup never leads the charge in anything.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, and, but, but it's still, it's still depressing to me sometimes.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
And, and in this case, there are people, I can think of one particular person
Prasanna Malaiyandi:
I won't mention in my name, but I can think of one particular person that is a
Prasanna Malaiyandi:
fellow book author that, you know, just really doesn't seem to see the need.
Prasanna Malaiyandi:
To backup 365, even in his blog post about the incident that
Prasanna Malaiyandi:
we're gonna talk about today.
Prasanna Malaiyandi:
He said, you know, some people will probably tell you that this is an
Prasanna Malaiyandi:
example of why you need to back up Microsoft 365, but I wanna tell you
Prasanna Malaiyandi:
that even if you had backups, uh, that wouldn't have helped in this case.
Prasanna Malaiyandi:
And he's right, but doesn't change the
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
W. Curtis Preston: So enough with the preamble.
Prasanna Malaiyandi:
What are we talking about here?
Prasanna Malaiyandi:
What happened back in uh, 20, you know, August of 2020, what happened?
Prasanna Malaiyandi:
Isn't that right around the pandemic, Curtis,
Prasanna Malaiyandi:
where aren't we all locked down?
Prasanna Malaiyandi:
Not going
Prasanna Malaiyandi:
W. Curtis Preston: we were all, yeah.
Prasanna Malaiyandi:
So while we were all locked down,
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
So.
Prasanna Malaiyandi:
W. Curtis Preston: of little companies.
Prasanna Malaiyandi:
so this was a large, very, very, very large
Prasanna Malaiyandi:
company called KPMG, which is a consulting slash auditing firm.
Prasanna Malaiyandi:
They do both,
Prasanna Malaiyandi:
W. Curtis Preston: Right,
Prasanna Malaiyandi:
and uh, they decided one day, Hey, I'm going to
Prasanna Malaiyandi:
go change a retention policy for my Microsoft teams for a particular user.
Prasanna Malaiyandi:
W. Curtis Preston: right.
Prasanna Malaiyandi:
And they went and made that change.
Prasanna Malaiyandi:
And apparently they didn't realize it affected all users.
Prasanna Malaiyandi:
And by the way, that small company you're talking about, it's like 145,000 people,
Prasanna Malaiyandi:
W. Curtis Preston: You know, 45,000 people
Prasanna Malaiyandi:
And so it.
Prasanna Malaiyandi:
So it impacted the retention for those 145,000 people.
Prasanna Malaiyandi:
And so all these folks who are basically like, you know, auditing
Prasanna Malaiyandi:
companies and have a bunch of sensitive chat messages and other things.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
All those messages went byebye.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, just poof.
Prasanna Malaiyandi:
And I'm sure that they reached out.
Prasanna Malaiyandi:
I mean, we don't, it's not in the story, but I am absolutely sure
Prasanna Malaiyandi:
that they reached out to Microsoft, said, is there anything you can do?
Prasanna Malaiyandi:
And the answer is, uh, no.
Prasanna Malaiyandi:
Because what you experienced is a feature, not a bug.
Prasanna Malaiyandi:
yeah.
Prasanna Malaiyandi:
W. Curtis Preston: And
Prasanna Malaiyandi:
the, the, go
Prasanna Malaiyandi:
no, go finish.
Prasanna Malaiyandi:
W. Curtis Preston: The true irony of this is that the feature that they were using.
Prasanna Malaiyandi:
That resulted in the deletion of data is the feature that people, including the,
Prasanna Malaiyandi:
the guy to which I was referring, they pointed this feature as a substitute
Prasanna Malaiyandi:
for backup, that you should use this fe.
Prasanna Malaiyandi:
That if you had, if you properly use this feature, you wouldn't need backup.
Prasanna Malaiyandi:
But apparently if you improperly use the.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
So maybe Curtis, why don't you talk a little bit about the
Prasanna Malaiyandi:
feature itself and what it does?
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
So the feature that we're talking about is retention policies,
Prasanna Malaiyandi:
and they are complicated.
Prasanna Malaiyandi:
They're, the last time I checked, if you went and looked at the,
Prasanna Malaiyandi:
the justice feature in the documentation, there's 25 pages of
Prasanna Malaiyandi:
documentation on this one feature.
Prasanna Malaiyandi:
Uh, you know, that, that Microsoft 365 has, and basically what it's designed
Prasanna Malaiyandi:
to do is to, in general, the idea is to make sure that things that should
Prasanna Malaiyandi:
be around are around and subsequently things that shouldn't stay around, don't.
Prasanna Malaiyandi:
So.
Prasanna Malaiyandi:
A typical retention policy might be 90 days.
Prasanna Malaiyandi:
We set a retention policy on email 90 days, which means that after 90 days, what
Prasanna Malaiyandi:
sent email a received email of any kind, again, based on the policy gets deleted.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
You could also set it to be a year, you could set it to be seven years,
Prasanna Malaiyandi:
whatever.
Prasanna Malaiyandi:
You can set different retention policies for, uh, email, for
Prasanna Malaiyandi:
SharePoint, for OneDrive.
Prasanna Malaiyandi:
You can set all these different, uh, policies.
Prasanna Malaiyandi:
You can also set a single policy.
Prasanna Malaiyandi:
Everything in Microsoft 365 is kept for.
Prasanna Malaiyandi:
End days and no longer, right.
Prasanna Malaiyandi:
Um, you can set it at a group level, you can set it at an individual level.
Prasanna Malaiyandi:
And the, the reason why, uh, and it has an optional, um, uh, and what,
Prasanna Malaiyandi:
what I'm gonna call, and I really mean it feature, um, which is a
Prasanna Malaiyandi:
checkbox that says once you set it.
Prasanna Malaiyandi:
Uh, you can't change your mind.
Prasanna Malaiyandi:
So once you say Everything in this environment should be
Prasanna Malaiyandi:
kept for a year, you can't.
Prasanna Malaiyandi:
Then 60 days later, change your mind.
Prasanna Malaiyandi:
Say, I, I, I'm sorry.
Prasanna Malaiyandi:
I meant, I meant something Way less than a year.
Prasanna Malaiyandi:
Sorry.
Prasanna Malaiyandi:
You've turned it on for a year.
Prasanna Malaiyandi:
Right?
Prasanna Malaiyandi:
that means any data created stays for that year.
Prasanna Malaiyandi:
W. Curtis Preston: Right.
Prasanna Malaiyandi:
if I created new data after changing into 60 days,
Prasanna Malaiyandi:
new data would stay for 60 days.
Prasanna Malaiyandi:
Old data would stay for one year.
Prasanna Malaiyandi:
W. Curtis Preston: right, right.
Prasanna Malaiyandi:
And so what can happen if you use this policy is so, and the, the reason
Prasanna Malaiyandi:
why I say this is those that are proponents of using retention policies.
Prasanna Malaiyandi:
Instead of backup, they basically say, look, Microsoft is really resilient.
Prasanna Malaiyandi:
They've got delayed copies and all this kind of stuff in there.
Prasanna Malaiyandi:
And so, so really like, like Microsoft will protect the
Prasanna Malaiyandi:
Microsoft environment, right?
Prasanna Malaiyandi:
And that if they have to recover the Microsoft environment, you will get
Prasanna Malaiyandi:
recovered as a consequence of that.
Prasanna Malaiyandi:
So you don't, these are the proponents of, of, of this, this
Prasanna Malaiyandi:
is not me, this is, you know.
Prasanna Malaiyandi:
Other folks.
Prasanna Malaiyandi:
W. Curtis Preston: Um, they'll say, you don't, you don't have to worry about that.
Prasanna Malaiyandi:
What you need to worry about is a ransomware attack or a
Prasanna Malaiyandi:
massive accidental deletion, like what happened at KPMG, right?
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
W. Curtis Preston: And so you can say, um.
Prasanna Malaiyandi:
Uh, everything gets kept for X amount of days, and you can check the box that says,
Prasanna Malaiyandi:
um, you know, and I can't change my mind.
Prasanna Malaiyandi:
And then after, you know, 30, 60, 90 days when you find out what that does to
Prasanna Malaiyandi:
your storage and you're like, holy cow, I didn't realize this was going to do this
Prasanna Malaiyandi:
to my storage, and subsequently my bill.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
W. Curtis Preston: You can't change your mind.
Prasanna Malaiyandi:
I mean, you can change your mind, but you can't change your mind for that period.
Prasanna Malaiyandi:
It's not retroactive, right?
Prasanna Malaiyandi:
You told it, you know that you wanted to keep it and you wanted to do the, you
Prasanna Malaiyandi:
know, the uh, the compliance feature.
Prasanna Malaiyandi:
Since you just mentioned compliance,
Prasanna Malaiyandi:
so retention though, right?
Prasanna Malaiyandi:
It's typically associated with a compliance policy.
Prasanna Malaiyandi:
W. Curtis Preston: Right.
Prasanna Malaiyandi:
And even if the user goes and deletes that email before
Prasanna Malaiyandi:
the retention period is up, because it's sort of intended for compliance,
Prasanna Malaiyandi:
that email is still kept around until the retention policy expires.
Prasanna Malaiyandi:
W. Curtis Preston: Right.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
When, when, when I delete an email, all it does is set the don't show it to Curtis
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
W. Curtis Preston: It's still there.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, the, and, and the other thing is that.
Prasanna Malaiyandi:
It's designed, you, you said it's designed for compliance.
Prasanna Malaiyandi:
It's designed, it's the complete opposite of backup.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
So you know how we talk a lot about backup versus archive.
Prasanna Malaiyandi:
This is much more about archive and retrieval and e-discovery than it is about
Prasanna Malaiyandi:
recovering Curtis's email box because
Prasanna Malaiyandi:
To no point in time.
Prasanna Malaiyandi:
At no point in time.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, at a point in time, what it can do is you can
Prasanna Malaiyandi:
go then do an e-discovery case.
Prasanna Malaiyandi:
First off, you need different permissions.
Prasanna Malaiyandi:
It's different than like the default system admin, uh, permissions.
Prasanna Malaiyandi:
You need separate permiss permissions to do this, and then you can
Prasanna Malaiyandi:
go in and say, please extract all of the email that Curtis.
Prasanna Malaiyandi:
Has ever received or received in this time period.
Prasanna Malaiyandi:
And then they can throw that in your inbox all in one big pile, not in the folders
Prasanna Malaiyandi:
or whatever, that you had it before.
Prasanna Malaiyandi:
And by the way, not just email, but the same is true in SharePoint or whatever.
Prasanna Malaiyandi:
Um, it's just a big pile of stuff.
Prasanna Malaiyandi:
And then they put it back, and then you gotta go figure out
Prasanna Malaiyandi:
what what you don't need, right?
Prasanna Malaiyandi:
and usually you use retention policies because keeping data
Prasanna Malaiyandi:
around is actually sometimes a bad idea,
Prasanna Malaiyandi:
W. Curtis Preston: Right, right.
Prasanna Malaiyandi:
This is a, it's a legal, it's a legal issue, right?
Prasanna Malaiyandi:
And so you say, look, we're not gonna keep data longer than a year.
Prasanna Malaiyandi:
Um, period.
Prasanna Malaiyandi:
You know, I know that when I worked at Druva, they had implemented a data
Prasanna Malaiyandi:
retention policy on Slack, for example.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, you know, they only would allow Slack messages for I think it was like 90 days
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
W. Curtis Preston: So, so a couple of things about retention policies.
Prasanna Malaiyandi:
One is, it, it's not good at restore it, it any more, any more
Prasanna Malaiyandi:
than a backup tool is good at, at e-Discovery, this is an e-discovery
Prasanna Malaiyandi:
tool that's not good at backup.
Prasanna Malaiyandi:
It's not good at Restore.
Prasanna Malaiyandi:
And so
Prasanna Malaiyandi:
if you got a large ransomware attack.
Prasanna Malaiyandi:
It wouldn't be good at that, right?
Prasanna Malaiyandi:
The other thing is that it can result in significant increases in your cost, right?
Prasanna Malaiyandi:
And your storage, as opposed to just using a backup tool, which would
Prasanna Malaiyandi:
also have an increase in cost, but a different increase in cost, right?
Prasanna Malaiyandi:
And more, and a more predictable increase in cost.
Prasanna Malaiyandi:
Um, and then, and to the point of this story, it can
Prasanna Malaiyandi:
sometimes really screw you up.
Prasanna Malaiyandi:
yeah.
Prasanna Malaiyandi:
If you don't understand and aren't careful,
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, so as I understand it, so the way that they
Prasanna Malaiyandi:
would've done this, and this, by the way, this is inference not information.
Prasanna Malaiyandi:
When you've got 145,000 people and you have, um, one person whose
Prasanna Malaiyandi:
private chats you wanna delete, and you've got a retention policy that
Prasanna Malaiyandi:
says for 145,000 people, we keep.
Prasanna Malaiyandi:
You know, private chats for six months, whatever, whatever the number is, right?
Prasanna Malaiyandi:
90 days, you can't, you can't delete those private chats as long as that person is in
Prasanna Malaiyandi:
the, um, in that policy.
Prasanna Malaiyandi:
So you have to create a different policy that says private chats
Prasanna Malaiyandi:
get kept for one day, and then you move that user into that policy.
Prasanna Malaiyandi:
Yep.
Prasanna Malaiyandi:
W. Curtis Preston: Apparently they just, they did the wrong
Prasanna Malaiyandi:
They just edited the policy.
Prasanna Malaiyandi:
W. Curtis Preston: they create, yeah.
Prasanna Malaiyandi:
They edited the policy, uh, and then poof instantly.
Prasanna Malaiyandi:
And again, they didn't have the, the flag.
Prasanna Malaiyandi:
See if they had, had the flag turned on.
Prasanna Malaiyandi:
And
Prasanna Malaiyandi:
Their old data would've been fine.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, the old data would've been fine.
Prasanna Malaiyandi:
Um, they, they wouldn't have been able to, to, to mess it up like this.
Prasanna Malaiyandi:
So one message could be, if you're gonna use retention policies,
Prasanna Malaiyandi:
you better turn on that flag.
Prasanna Malaiyandi:
'cause they all, they're all they, they are all you have.
Prasanna Malaiyandi:
Well, it wouldn't save you though from
Prasanna Malaiyandi:
new messages created, so you
Prasanna Malaiyandi:
W. Curtis Preston: No, but at least you wouldn't have deleted six months.
Prasanna Malaiyandi:
No, no, no.
Prasanna Malaiyandi:
But it would've been
Prasanna Malaiyandi:
W. Curtis Preston: this out in about five minutes, you
Prasanna Malaiyandi:
But would you though, because now anything new that
Prasanna Malaiyandi:
you type would be following that new policy and maybe you don't realize it.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, I just, I just think it would be, it would
Prasanna Malaiyandi:
be less of a tragedy than Right.
Prasanna Malaiyandi:
Um, and, and I, I do think it's important to say that had they,
Prasanna Malaiyandi:
there are no APIs for restoring.
Prasanna Malaiyandi:
Um, teams messages.
Prasanna Malaiyandi:
There are APIs and there are ways to get these messages.
Prasanna Malaiyandi:
They are, and some of them are frankly, very klugy.
Prasanna Malaiyandi:
Um, I, I remember, I remember participating in some of these
Prasanna Malaiyandi:
conversations, you know, when I was at Druva, getting some of this data
Prasanna Malaiyandi:
is very klugy because it wasn't really designed to be gotten right.
Prasanna Malaiyandi:
If you had done, if they had done that, they wouldn't have been able
Prasanna Malaiyandi:
to restore the team's messages, but
Prasanna Malaiyandi:
Prasanna Malaiyandi: would've had it at least.
Prasanna Malaiyandi:
W. Curtis Preston: they would've at least had it.
Prasanna Malaiyandi:
And if there was anything important in there, which there shouldn't
Prasanna Malaiyandi:
be, there shouldn't be important stuff and private messages.
Prasanna Malaiyandi:
Um, but remember, we live in a world where people use their recycle bin for storage.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, right.
Prasanna Malaiyandi:
You've seen that,
Prasanna Malaiyandi:
Yep.
Prasanna Malaiyandi:
W. Curtis Preston: Um, you are like, Hey, your hard drive is filled, and you, you
Prasanna Malaiyandi:
click the recycle bin like, whatcha doing?
Prasanna Malaiyandi:
You just deleted my storage area.
Prasanna Malaiyandi:
Yeah, that actually was the last thing that happened to me
Prasanna Malaiyandi:
at the bank was, was deleting.
Prasanna Malaiyandi:
I rebooted a server
Prasanna Malaiyandi:
It was
Prasanna Malaiyandi:
W. Curtis Preston: well, somebody rebooted a server and it was, it was hp
Prasanna Malaiyandi:
where HP that slash TMP was in ram and we found out a whole bunch of developers
Prasanna Malaiyandi:
had stored their code tree there.
Prasanna Malaiyandi:
And they were like, this is really important.
Prasanna Malaiyandi:
I'm like, then you shouldn't have put it in temp.
Prasanna Malaiyandi:
And they were very angry because we didn't back up temp
Prasanna Malaiyandi:
Who would?
Prasanna Malaiyandi:
It's Tim.
Prasanna Malaiyandi:
W. Curtis Preston: temp and, uh, we lost months of development work.
Prasanna Malaiyandi:
Um.
Prasanna Malaiyandi:
So we live in that kind of world, right?
Prasanna Malaiyandi:
And so, um, people do sometimes put important stuff in there and
Prasanna Malaiyandi:
anything that was important there were in messages, which shouldn't
Prasanna Malaiyandi:
have been, but anything that was there would've been instantly, um, deleted.
Prasanna Malaiyandi:
Sort of like, uh, opening the door, uh, when you're out to space,
Prasanna Malaiyandi:
Don't do it.
Prasanna Malaiyandi:
W. Curtis Preston: don't do it.
Prasanna Malaiyandi:
So, so let's go back to this, right?
Prasanna Malaiyandi:
So they lost a bunch of messages because someone accidentally
Prasanna Malaiyandi:
set the retention policy.
Prasanna Malaiyandi:
What should they have done?
Prasanna Malaiyandi:
What could they have done to make this less painful?
Prasanna Malaiyandi:
W. Curtis Preston: Well, I, I'd say a couple of things.
Prasanna Malaiyandi:
One, the first and most obvious to me was if they had a backup, then this
Prasanna Malaiyandi:
would've been less painful, right?
Prasanna Malaiyandi:
They would've been able to at least retrieve, you know, important data.
Prasanna Malaiyandi:
I.
Prasanna Malaiyandi:
And by the way, not all, not all products at Backup 365 are able to
Prasanna Malaiyandi:
get anything out of teams, right.
Prasanna Malaiyandi:
Teams messages.
Prasanna Malaiyandi:
Uh, some have to different degree, different levels of success.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
But, but they would've had the possibility of getting that data back.
Prasanna Malaiyandi:
And number two is, it is a little surprising that an admin would
Prasanna Malaiyandi:
do something of that level.
Prasanna Malaiyandi:
I.
Prasanna Malaiyandi:
With a mouse.
Prasanna Malaiyandi:
Right,
Prasanna Malaiyandi:
Without any controls or any checks or anything else like
Prasanna Malaiyandi:
W. Curtis Preston: yeah, yeah,
Prasanna Malaiyandi:
at least approve or look over, Hey,
Prasanna Malaiyandi:
are you doing the right thing?
Prasanna Malaiyandi:
W. Curtis Preston: yeah.
Prasanna Malaiyandi:
You would think that something of that level, you know, I, I guess he wasn't
Prasanna Malaiyandi:
thinking or she wasn't thinking that, um, they were just thinking one person.
Prasanna Malaiyandi:
It's just one guy.
Prasanna Malaiyandi:
I'm just doing one guy.
Prasanna Malaiyandi:
But that's where a process becomes so critical, right.
Prasanna Malaiyandi:
And documenting process and.
Prasanna Malaiyandi:
W. Curtis Preston: yeah, yeah.
Prasanna Malaiyandi:
So they could have, they also could, had they enabled the, the
Prasanna Malaiyandi:
retention lock, that's what it's called, the retention lock feature.
Prasanna Malaiyandi:
They would've at least kept the data from before.
Prasanna Malaiyandi:
Um, and they would've, they would've minimized the pain if they turned
Prasanna Malaiyandi:
on the retention lot feature.
Prasanna Malaiyandi:
But I'm not a big fan of the retention lot feature because.
Prasanna Malaiyandi:
Its potential significant increase in, uh, in storage costs.
Prasanna Malaiyandi:
and especially, it's so hard to predict how much
Prasanna Malaiyandi:
space you have or would be consuming before you enable that feature.
Prasanna Malaiyandi:
Like any sort of capacity planning or sizing, calculators, I've seen even for
Prasanna Malaiyandi:
general storage, they're not accurate because your workload is going to
Prasanna Malaiyandi:
change and it's going to depend on your environment and how people use the tools.
Prasanna Malaiyandi:
And so it's just a best guess.
Prasanna Malaiyandi:
And until you actually turn it on, start using it, you're never gonna know.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah, I would think that if, if you're gonna use the retention
Prasanna Malaiyandi:
policies instead of backup, right?
Prasanna Malaiyandi:
Which you shouldn't do, but if you did, should turn it on for, let's
Prasanna Malaiyandi:
say three months and see what it does to your storage and then, and
Prasanna Malaiyandi:
then make a decision at that point as to whether or not you wanna.
Prasanna Malaiyandi:
Essentially make this permanent.
Prasanna Malaiyandi:
Uh, and then when you see what it does to your storage, then maybe have
Prasanna Malaiyandi:
a conversation with a backup vendor and say, Hey, can you do this with
Prasanna Malaiyandi:
less of an impact to my environment?
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, now some people, you know, you know, so I read, uh, with, with great delight.
Prasanna Malaiyandi:
I read the comments in Reddit, there's a Reddit thread
Prasanna Malaiyandi:
about this, and there's also.
Prasanna Malaiyandi:
A comment thread from the register article.
Prasanna Malaiyandi:
I, it's one thing I love about the register is that they have
Prasanna Malaiyandi:
comments and boy do people get in.
Prasanna Malaiyandi:
What's
Prasanna Malaiyandi:
We'll, the links in the show notes.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
Thanks to those.
Prasanna Malaiyandi:
Yeah.
Prasanna Malaiyandi:
Um, you know, and you know, of course you got the standard stupid cloud, you know,
Prasanna Malaiyandi:
it's where you want to put, you know, I'm like, dude, this could have been exchange,
Prasanna Malaiyandi:
right?
Prasanna Malaiyandi:
Uh, this could have been an exchange environment.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um.
Prasanna Malaiyandi:
Then the other, of course, is, well, why didn't they go, why
Prasanna Malaiyandi:
didn't they go to their backup?
Prasanna Malaiyandi:
Like, people just completely ignorant that, and, and I,
Prasanna Malaiyandi:
that that's the proper word.
Prasanna Malaiyandi:
People like, they're like, oh, that's pejorative.
Prasanna Malaiyandi:
It's the proper word.
Prasanna Malaiyandi:
They don't know that Microsoft 365 doesn't have backup.
Prasanna Malaiyandi:
If you are not providing it, it doesn't have it.
Prasanna Malaiyandi:
Given how big KPMG is and what sort of
Prasanna Malaiyandi:
things that they provide to their clients, that's a little shocking.
Prasanna Malaiyandi:
If they didn't know that there's no backups.
Prasanna Malaiyandi:
I'm sorry.
Prasanna Malaiyandi:
That's just bonkers.
Prasanna Malaiyandi:
W. Curtis Preston: It is bonkers, but it's a bonkers that I run into all the time.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, yeah.
Prasanna Malaiyandi:
so I know that we're looking at this as
Prasanna Malaiyandi:
people lost a bunch of data.
Prasanna Malaiyandi:
W. Curtis Preston: Mm-hmm.
Prasanna Malaiyandi:
And people lost their chats.
Prasanna Malaiyandi:
Right?
Prasanna Malaiyandi:
It was probably a lot of sensitive information or
Prasanna Malaiyandi:
important information was lost.
Prasanna Malaiyandi:
I was just going in my head about what, that must be amazing because
Prasanna Malaiyandi:
it's like you hit a reset, you don't have to worry about deleting
Prasanna Malaiyandi:
conversations or anything else, right?
Prasanna Malaiyandi:
It's like clean slate.
Prasanna Malaiyandi:
It's like you start a new job somewhere.
Prasanna Malaiyandi:
It's like no previous chat messages, no baggage, no nothing
Prasanna Malaiyandi:
that you have to worry about.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
Well, the, the other, the other thing, when I think about this.
Prasanna Malaiyandi:
Uh, again, when I talk about this other person, you know, they're like,
Prasanna Malaiyandi:
well, it was just private messages.
Prasanna Malaiyandi:
You shouldn't have been putting anything of value in private
Prasanna Malaiyandi:
do that all the
Prasanna Malaiyandi:
W. Curtis Preston: That is that people do it all the time.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
But they're right.
Prasanna Malaiyandi:
They're right.
Prasanna Malaiyandi:
You shouldn't do.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
But this could have just as easily been email,
Prasanna Malaiyandi:
Or SharePoint.
Prasanna Malaiyandi:
W. Curtis Preston: Or SharePoint, right?
Prasanna Malaiyandi:
So retention policies are global.
Prasanna Malaiyandi:
If you want them to be right, you can make them as granular as you want.
Prasanna Malaiyandi:
Retention policy for one person, which is what they were trying to do, they could
Prasanna Malaiyandi:
have just as easily deleted all email
Prasanna Malaiyandi:
yeah.
Prasanna Malaiyandi:
W. Curtis Preston: in the environment.
Prasanna Malaiyandi:
They would've had no backup, they would've had no recourse.
Prasanna Malaiyandi:
'cause the, the whole point of retention policies, by the way, I mean this is maybe
Prasanna Malaiyandi:
something I should have mentioned before.
Prasanna Malaiyandi:
The point of them is that if you say don't keep it longer than
Prasanna Malaiyandi:
X, it gets rid of everything.
Prasanna Malaiyandi:
It, you know, it, it, it keeps it longer than, you know, if you said it's to 90
Prasanna Malaiyandi:
days, it, it deals with the, recycle bin.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
But wherever that entity is, that record, that email,
Prasanna Malaiyandi:
Once it's 90 days, it's boom.
Prasanna Malaiyandi:
Gone.
Prasanna Malaiyandi:
W. Curtis Preston: it, boom, it's gone.
Prasanna Malaiyandi:
And in this case, they set 90 to one or zero.
Prasanna Malaiyandi:
And that basically that means that there was no recycle bin
Prasanna Malaiyandi:
for them to go get this out of.
Prasanna Malaiyandi:
And that means if they did the same thing with email, they would've wiped out
Prasanna Malaiyandi:
the entire organization's entire email
Prasanna Malaiyandi:
infrastructure
Prasanna Malaiyandi:
Or if they did that with One Drive, then
Prasanna Malaiyandi:
all the documents are gone.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
So here's my question though, is assuming that they wanted to, because.
Prasanna Malaiyandi:
Given that they wanted to set this user's retention policy to zero, that pretty
Prasanna Malaiyandi:
much means they want all the data gone.
Prasanna Malaiyandi:
W. Curtis Preston: Right.
Prasanna Malaiyandi:
Why didn't they just delete the user?
Prasanna Malaiyandi:
W. Curtis Preston: Uh, because it would, the data would've stayed.
Prasanna Malaiyandi:
Oh, okay.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
Again, that's the whole point of retention policies.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Um, and, and I don't know, you know, I mean, we can.
Prasanna Malaiyandi:
We can theorize as to what did this user say in their private messages
Prasanna Malaiyandi:
that they've really wanted gone.
Prasanna Malaiyandi:
Um, we can theorize, by the way, there are theories I, I, I should just mention
Prasanna Malaiyandi:
them as long as we're talking about When I look, when you look at the thread,
Prasanna Malaiyandi:
there, there were, uh, pending legal matters where these private messages.
Prasanna Malaiyandi:
Perhaps could have been helpful, but now they're not available and this story would
Prasanna Malaiyandi:
at least be a legally defensible reason why, why it deleted our admin screwed up.
Prasanna Malaiyandi:
This wasn't spoilage, this wasn't purposeful deletion because of of a
Prasanna Malaiyandi:
lawsuit, but it also violates if they had a lawsuit that included this data.
Prasanna Malaiyandi:
It, it could potentially create, uh, an adverse inference, um, thing.
Prasanna Malaiyandi:
And I'll just explain that for those that don't, basically if you're being
Prasanna Malaiyandi:
sued or being prosecuted for something, if the judge believes that you have
Prasanna Malaiyandi:
either destroyed evidence or have behaved poorly the, basically the judge
Prasanna Malaiyandi:
can infer from that behavior something adverse to your case, and they could
Prasanna Malaiyandi:
literally, like in the case of a jury.
Prasanna Malaiyandi:
They can literally turn to the jury and say whatever the plaintiff said
Prasanna Malaiyandi:
was in those private messages, just go ahead and assume it was there
Prasanna Malaiyandi:
because why the hell else would they delete the private messages?
Prasanna Malaiyandi:
Right?
Prasanna Malaiyandi:
That's what's called an adverse inference instruction.
Prasanna Malaiyandi:
Um, and or if you know, if the judge is by themselves, they can just do it,
Prasanna Malaiyandi:
but, and I do wonder though if given the fact that
Prasanna Malaiyandi:
they weren't doing backups of this data, I wonder if that does qualify for that.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Because yeah, you can blame that the admin was, did something by mistake,
Prasanna Malaiyandi:
but there's no reason you shouldn't have backups of business data, you know?
Prasanna Malaiyandi:
W. Curtis Preston: Well, you know, I agree with you there.
Prasanna Malaiyandi:
They possibly could say, well, even if we had backups, we wouldn't have had the
Prasanna Malaiyandi:
data or whatever, because it's teams,
Prasanna Malaiyandi:
But you have the data, you could extract it as on, you'd
Prasanna Malaiyandi:
maybe not restore it directly back into teams, but at least you have the data.
Prasanna Malaiyandi:
W. Curtis Preston: Yeah.
Prasanna Malaiyandi:
I, I think that, well, any adverse inference that could be inferred
Prasanna Malaiyandi:
from their behavior is in the sole discretion of, of a judge.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
And so the judge d different judges are going to have, uh, different levels
Prasanna Malaiyandi:
of like, you know, do they, do they believe that people are inherently good?
Prasanna Malaiyandi:
Right, right.
Prasanna Malaiyandi:
Uh, you know, they're, who knows what it, uh, this was four years ago.
Prasanna Malaiyandi:
We could probably find out, but, uh, I didn't care that much
Prasanna Malaiyandi:
about the part of it, but I just wanted to say that this was.
Prasanna Malaiyandi:
Part people were specifically pointed to specific cases that, uh, this is in
Prasanna Malaiyandi:
the, the register thread, by the way, for anyone who wants to look it up.
Prasanna Malaiyandi:
Um, this certainly is a nice way to get rid of a bunch of data with a nice story.
Prasanna Malaiyandi:
That doesn't sound like you're trying to do it purposefully.
Prasanna Malaiyandi:
I'm not saying that that's what happened, but I'm saying some people
Prasanna Malaiyandi:
so, so here's the thing.
Prasanna Malaiyandi:
In summary, Microsoft 365 isnt magic.
Prasanna Malaiyandi:
The cloud isn't magic.
Prasanna Malaiyandi:
You, you need to back up the cloud somehow, right?
Prasanna Malaiyandi:
Just like, it's not like people thought that, especially certain
Prasanna Malaiyandi:
people thought that I was saying this just because I work for dva, right?
Prasanna Malaiyandi:
Well, I don't work for Duv anymore.
Prasanna Malaiyandi:
Uh, the, the, it's not magic, right?
Prasanna Malaiyandi:
You know, it, it needs some kind of backup.
Prasanna Malaiyandi:
I don't, I don't, it doesn't have to be a third party.
Prasanna Malaiyandi:
I would prefer it be a third party.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
So you look at like, so Microsoft is starting to talk about snapshots
Prasanna Malaiyandi:
and some sort of recovery.
Prasanna Malaiyandi:
I don't yet know how that will all play out, but in general, and, and if it meets.
Prasanna Malaiyandi:
The
Prasanna Malaiyandi:
W. Curtis Preston: The usual, like 3, 2, 1 requirement.
Prasanna Malaiyandi:
'cause again, going back to the 3, 2, 1 rule, having three copies of your data,
Prasanna Malaiyandi:
two of which on, you know, different media with different risk profiles, one
Prasanna Malaiyandi:
of which being stored somewhere else.
Prasanna Malaiyandi:
The thing with 365 and a lot of SaaS providers is that they don't
Prasanna Malaiyandi:
do the two or the one, right?
Prasanna Malaiyandi:
It don't do any of this.
Prasanna Malaiyandi:
They don't have a separate copy of your data.
Prasanna Malaiyandi:
That that's, that's basic.
Prasanna Malaiyandi:
It's not magic.
Prasanna Malaiyandi:
The cloud doesn't solve all new problems.
Prasanna Malaiyandi:
In fact, it creates new ones and I'm pro cloud.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
How are you feeling Curtis, about this?
Prasanna Malaiyandi:
W. Curtis Preston: I know.
Prasanna Malaiyandi:
I was in a pretty good mood.
Prasanna Malaiyandi:
The beginning of this.
Prasanna Malaiyandi:
You to.
Prasanna Malaiyandi:
and I think this just goes back to humans make mistakes.
Prasanna Malaiyandi:
You gotta back it up.
Prasanna Malaiyandi:
W. Curtis Preston: Humans are the number one reason we back up.
Prasanna Malaiyandi:
It's, I mean, that's been more, that is more true today
Prasanna Malaiyandi:
than it ever was 30 years ago.
Prasanna Malaiyandi:
The number one reason we were doing restores would be 'cause
Prasanna Malaiyandi:
somebody deleted a file, right?
Prasanna Malaiyandi:
They fat fingered a file, they fat fair, and get the current version of
Prasanna Malaiyandi:
the file and they accidentally saved it.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
Yep.
Prasanna Malaiyandi:
W. Curtis Preston: That, that was the number one reason we did 30 years ago.
Prasanna Malaiyandi:
And every once in a while we would also lose a server.
Prasanna Malaiyandi:
Because remember back then we didn't even have a raid, So if you lost a hard drive,
Prasanna Malaiyandi:
was very
Prasanna Malaiyandi:
W. Curtis Preston: you lost a server, right?
Prasanna Malaiyandi:
Um, you move 30 years up and it's still stupid.
Prasanna Malaiyandi:
User errors and ransomware, which is another human caused
Prasanna Malaiyandi:
reason that we do restores.
Prasanna Malaiyandi:
Um,
Prasanna Malaiyandi:
Because also isn't most of the ransomware attacks started
Prasanna Malaiyandi:
with phishing more than anything else.
Prasanna Malaiyandi:
W. Curtis Preston: Yes.
Prasanna Malaiyandi:
Yes.
Prasanna Malaiyandi:
it's an employee who accidentally clicks on a link
Prasanna Malaiyandi:
that they shouldn't be clicking.
Prasanna Malaiyandi:
W. Curtis Preston: Right.
Prasanna Malaiyandi:
I, I saw, I'll, I'll, I'll tell a little story that I saw today on, um, on, um.
Prasanna Malaiyandi:
TikTok and it was a guy who, like, he, he was like, he said, you would not
Prasanna Malaiyandi:
believe what my wife's company did today.
Prasanna Malaiyandi:
The video was actually made yesterday, so it's, this would be, uh, Valentine's Day.
Prasanna Malaiyandi:
SO for those of you that don't know many companies, if not most companies do
Prasanna Malaiyandi:
automated phishing tests, they send you.
Prasanna Malaiyandi:
Emails that are essentially phishing emails to see if you will click on
Prasanna Malaiyandi:
them or to see if you will notify them.
Prasanna Malaiyandi:
And, um, he said they sent an automated email or they sent one of these testing
Prasanna Malaiyandi:
emails to everyone in the company that said you have a Valentine's Day delivery
Prasanna Malaiyandi:
from Edible Flowers at the front desk.
Prasanna Malaiyandi:
And, uh, you know,
Prasanna Malaiyandi:
Click here.
Prasanna Malaiyandi:
W. Curtis Preston: and then, and then there was a click, right?
Prasanna Malaiyandi:
And he said for like, you know, a few minutes.
Prasanna Malaiyandi:
Everyone in that company felt they were loved that, that they found out that
Prasanna Malaiyandi:
it was just,
Prasanna Malaiyandi:
W. Curtis Preston: was a
Prasanna Malaiyandi:
phishing email.
Prasanna Malaiyandi:
Instead of getting love, what they got was yelled at by it.
Prasanna Malaiyandi:
And
Prasanna Malaiyandi:
W. Curtis Preston: goes, accept.
Prasanna Malaiyandi:
He said, accept my wife because my wife knew.
Prasanna Malaiyandi:
There's no way I'm spending $200 on a, on some cantaloupe that's
Prasanna Malaiyandi:
made to look like a flower.
Prasanna Malaiyandi:
That is hilarious.
Prasanna Malaiyandi:
W. Curtis Preston: But yeah, that's just, I mean, the sad thing is, I mean, like I
Prasanna Malaiyandi:
see both sides of this argument, right?
Prasanna Malaiyandi:
Phishing emails.
Prasanna Malaiyandi:
Right.
Prasanna Malaiyandi:
They, they, they come, they, they are timed two things, right?
Prasanna Malaiyandi:
They, they would, a, a bad guy would do this.
Prasanna Malaiyandi:
They would leverage Valentine's Day, they would leverage Christmas,
Prasanna Malaiyandi:
um,
Prasanna Malaiyandi:
at the company or something like that, right?
Prasanna Malaiyandi:
W. Curtis Preston: exactly right.
Prasanna Malaiyandi:
Um, and so on one hand I totally understand why they did, why they did
Prasanna Malaiyandi:
what they did, but it's also messed up.
Prasanna Malaiyandi:
And then this guy that posted it, there were a lot of comments and people were
Prasanna Malaiyandi:
like, yeah, we were told we got a bonus.
Prasanna Malaiyandi:
We were told we got this.
Prasanna Malaiyandi:
We were told we got that.
Prasanna Malaiyandi:
And it was all, uh, a phishing test.
Prasanna Malaiyandi:
That's No, no, no, no.
Prasanna Malaiyandi:
It was a phishing
Prasanna Malaiyandi:
test.
Prasanna Malaiyandi:
Like it was the.
Prasanna Malaiyandi:
And so instead of getting a bonus or Edible
Prasanna Malaiyandi:
flowers, they get to go for a one hour training session on fishing.
Prasanna Malaiyandi:
W. Curtis Preston: yeah, yeah.
Prasanna Malaiyandi:
So you need to back up your stuff.
Prasanna Malaiyandi:
You need to back up Microsoft 365.
Prasanna Malaiyandi:
In this case, this is just the best, this is the current best example we have.
Prasanna Malaiyandi:
If we have a new one, we'll make another episode.
Prasanna Malaiyandi:
Um,
Prasanna Malaiyandi:
last.
Prasanna Malaiyandi:
Oh, one last thing to add.
Prasanna Malaiyandi:
Realize KPMG is a humongous company and they had issues.
Prasanna Malaiyandi:
If you're a smaller company right?
Prasanna Malaiyandi:
Don't feel bad that you're like, you haven't done anything yet, right?
Prasanna Malaiyandi:
So, but now that you know, go figure out how you are gonna
Prasanna Malaiyandi:
back up your SaaS applications.
Prasanna Malaiyandi:
If you're using Microsoft 365, figure out how you are gonna back
Prasanna Malaiyandi:
it up so you don't end up like KPMG.
Prasanna Malaiyandi:
W. Curtis Preston: Absolutely.
Prasanna Malaiyandi:
I will poorly quote Maya Angelou.
Prasanna Malaiyandi:
We did what we did when we knew what we knew, and now we know better.
Prasanna Malaiyandi:
We can do better.
Prasanna Malaiyandi:
Uh, it's, it's a great quote, um, even if I didn't quite get it
Prasanna Malaiyandi:
right, but that's Maya Angelou.
Prasanna Malaiyandi:
May she rest in peace.
Prasanna Malaiyandi:
Well, thanks persona.
Prasanna Malaiyandi:
Another fun episode.
Prasanna Malaiyandi:
was fun.
Prasanna Malaiyandi:
This was fun and I hope you sound a bit more cheerful now towards the end
Prasanna Malaiyandi:
versus, uh, about five minutes ago.
Prasanna Malaiyandi:
So that's a good sign.
Prasanna Malaiyandi:
W. Curtis Preston: I was angry and thanks for those of you that are listening
Prasanna Malaiyandi:
and, uh, look forward to some more.
Prasanna Malaiyandi:
You should have backed up your stuff, episodes coming here in the
Prasanna Malaiyandi:
coming weeks, and that's a wrap.
Listen On
