How businesses are run has changed, creating massive shifts in where/how data is stored and used. SaaS users (often unknowingly) are one wrong click, faulty integration, or cyberattack away from losing the data they rely on daily. Mike Potter, CEO, Rewind, explores how the business evolution hasn’t kept pace with security needs and why businesses must take back control of their data.
“But I don’t understand, isn’t it in the cloud?â€
That question is a part of my daily existence. Since day one of starting Rewind, it’s the number one question people ask me. It doesn’t matter if I am onboarding a new employee, talking to a potential investor, or just catching up with another CEO. People are always surprised that data in the cloud is not absolute. Yet, it’s the reality. If you don’t have a backup strategy in place, all the vital data you rely on can be wiped out for good.
The Hard Drive in the Sky
For most of history, data was primarily stored on a physical device. Decades ago, giant rooms with endless servers took care of things. It’s what has typically been known as “on-premise†backups. Companies had every byte on-site. But as the internet took over our global economy, the shift from “on-premise†to “out-sourced†began to emerge. Just as manufacturing companies outsourced parts of their business years ago, software companies realized the cost advantages and economies of scale they could achieve with cloud computing. Server rooms are expensive to set up and maintain. An internet connection is a fraction of the investment.Â
All of this convenience comes at a cost, however. Here’s the key difference between then and now: You don’t own the cloud infrastructure you use; you rent it. Just like renting equipment, a building, or any other tool you use to run your business, both the renter and rentee have obligations. For users of cloud computing tools, one of those responsibilities is backing up their own data.
Learn More: The Power of Data: How Organizations Can Improve Data Management in Cloud
The Shared Responsibility Model of Cloud Computing
Amazon made the term famous, but it is at the center of everything businesses must consider for a modern backup strategy. The model breaks down where a cloud provider’s duty of care ends, and the customers’ begins. And it doesn’t matter if you use IaaS, PaaS, or SaaS; the Shared Responsibility Model plays a role in the relationship with your cloud provider. Here is what it looks like if we map all the solutions side by side:
Source: Rewind
Even with SaaS, you are renting a company’s technology, but the responsibility of data protection rests with you, the customer. The reason? The data doesn’t live on your own servers or computers as a file. You access it through APIs using the SaaS provider’s technology. In other words, any time you upload or create new data, it’s moving back and forth in real-time.Â
There’s a distinction we need to make: cloud companies absolutely do “save†the data on their platform, and they protect it. But the data is not saved in a format that you can use to easily access/restore your account. Your data is lumped together with all their other customers. So, SaaS companies can’t just hit a “restore†button on their end if something of yours is lost. And if they do need to find your data, it could take days or weeks… and will likely be woefully incomplete. If you’re skeptical, just read the terms and conditions of your various SaaS tools. Here isOpens a new window GitHub’s, and here isOpens a new window Shopify’s. Â
And before you think the odds of something happening are low, we surveyed a few hundred SaaS users and discovered that 40% of them had previously lost data. That’s essentially a coin toss. There are few ways this can happen.
Learn More: Spring Cleaning: Tidying up Unauthorized Access in Multi-Cloud Configurations
Gone in Just a Few Clicks
The first is an external threat. This typically takes shape in the form of cybercrime (like phishing or ransomware) or a disgruntled contractor. It may sound far-fetched, but we have seen it happen. A business relationship goes sideways, and a contractor, who has access to your account, starts deleting data. By the time you realize something is happening, it’s too late. You may have legal recourse options for your business to recoup financial losses, but for the data, once it’s gone, it is usually gone for good.Â
The second threat to a data disaster is internal. The most common one is human error. Everybody makes mistakes. Especially now, as the modern tech stack for a business encompasses dozens of different tools. This means employees have access to all sorts of data sets, often with little training or understanding. This also means they can accidentally delete or compromise something. And it’s not always accidental. Just as external parties can sabotage things, we have also seen it happen internally when an employee is terminated.Â
And finally, other SaaS tools and applications can be a risk. All the APIs we rely on don’t always play nice together. We have seen apps overwrite or flat-out delete data. And businesses are very surprised (and typically unprepared) when it happens.
There are more ways data can go missing, but I’m certain you get the picture. The best way to mitigate these risks is to have a backup strategy. Whether you do this in-house (which is very labor-intensive) or leverage backup software, it’s in your best interest to control and save your data. If you encounter any of the data-loss scenarios we outlined, while you’re scrambling to figure out the next steps, your business no longer has all the vital data it relies on each and every day.Â
The cloud has created a world of convenience for businesses, as well as a whole new set of risks. Businesses should understand them all and be prepared. As businesses willingly give up control of their data to leverage the benefits of the cloud, they also need to be actively backing up their own data across all important SaaS applications.Â
Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!