Protecting your data in the cloud
As we continue to move into the information era, data is increasingly a foundational element of business. Data is collected, stored, and analysed allowing businesses to gain a new depth of insight into their customers and their habits with an endless amount of possibilities to grow business in a smarter, more agile way. This data needs to be available around the clock to ensure the operational success of the business. But this exploding proliferation of data has also attracted regulatory interest from a number of bodies including the Information Commissioner, the Financial Services Authority and the plethora of health care regulators.
Data that once lived in basements and backrooms is being moved to cloud-based servers and SaaS (software as a service) applications. Historically, data backup has always been a key component of any IT strategy – whether it was stored on floppy disks, duplicate servers, or in custom built applications. With this shift to the cloud, backup shouldn’t be taken out of the strategy; rather, it should be re-thought to be more adaptable and cost-effective – the same reason you moved to the cloud in the first place.
But isn’t the cloud already backed up?
There is a common misconception that the cloud is backed up. However, while Amazon, Google, Microsoft and Salesforce all have disaster recovery plans for the data they store on their servers, is that the only way you think you’ll be affected by data loss? It’s more likely that an employee is going to delete something they end up needing two weeks later than the possibility of all of Google’s servers being destroyed by a tornado. Google and Salesforce both have limited functionality when it comes to getting your data back if it is lost for reasons other than hardware failure or disasters.
In fact, Salesforce has a high cost associated with recovering your data and it can take up to 15 days. These applications usually aren’t the responsible party for your data loss, but they aren’t built to protect you against accidental or malicious actions either. In other words, if the data loss is your fault, you’re out of luck in most cases unless you have your own backup solution.
How common is data loss?
In their report entitled “SaaS Data Loss: The Problem You Didn’t Know You Had,” the
Aberdeen Group cites that 32% of companies surveyed lost data from within a SaaS application. That means more than one in every three companies lose data in the cloud.
In a similar report by Forrester titled, “Back Up Your Critical Cloud Data Before It’s Too Late” it was stated that companies were steadily increasing their use of SaaS applications. According to Rachel Dines, the analyst who wrote the report: “As more critical data is deployed in the cloud, it’s time for I&O leaders to be proactive and invest in mitigating these risks instead of waiting for data loss to occur.”
How can I lose data?
Data loss has serious implications for businesses affected. The Cloud Security Alliance list data loss in its top 10 cloud threats. For businesses that sustain data loss, statistics show that 60% of those companies will be out of business within 6 months of the disaster.
We see six main causes of data loss from cloud applications:
- Accidental deletion: While this is the most basic cause of data loss, it’s also the most common.
- Departing employees: As employees leave your organisation, what happens to the data associated with their accounts in your SaaS application? If you need to retain their data, you’ll need to pay ongoing licensing fees for inactive accounts.
- Hackers: Every news cycle brings a new story of a cyberattack. Criminals often target on-premises systems, but ransomware and other malware also impact critical data in SaaS applications.
- Malicious insiders: Whether it’s a disgruntled employee, a resentful contractor, or some other insider with the intention to do harm, malicious users are another common cause of data loss.
- Rogue applications: What happens when the app that’s supposed to consolidate duplicate records accidentally deletes or corrupts unique records?
- SaaS providers’ prolonged outage: An unexpected, prolonged SaaS provider outage can cripple your business.
How do I prevent data loss from causing business disruption?
We suggest a systematic and layered approach to protecting your company’s data, which involves all or a combination of the following measures:
- Good Data Management Processes
- SaaS Application Training
- Robust Password Policies
- Automated Backup with Easy Recover and Restore
Good data management processes means putting procedures, policies and checklists in place specific to SaaS applications. They could be focused on instances such as times of high-volume data or when users join and leave a company. Users should be thoroughly trained in order to understand the purpose of the application and the role the data plays in the success of the organisation. Passwords should always be robust and changed frequently.
All of these measures help to minimise the instances when data is lost, however, none replace your data once it’s gone. That is why having an automated daily backup such as Datto’s SaaS Protect solution can help businesses “set it and forget it” – and having some type of backup should be critical to your overall cloud strategy. The result is that your information is readily available when you need it, including in an instance of user error and deletion, allowing you to easily restore data with minimal business interruption.