How To Avert SaaS Data Leaks With an Intelligent Data Protection Strategy

essidsolutions

Ransomware attacks, internal hacks, and accidental deletions can result in business-critical SaaS application data being lost. Here, Metallic CTO David Ngo describes how SaaS disasters occur and why an intelligent data protection strategy is key to the recovery process.

The benefits of Software as a Service (SaaS) are leading many organizations to replace their on-premises office productivity, customer relationship management, and other business applications with SaaS applications. By adopting SaaS applications like Office 365 or Salesforce, these organizations lower their hardware costs, increase their employees’ productivity, and free their IT staff from worrying about application management and maintenance. 

However, while SaaS applications have removed many items from organizations’ to-do lists, data protection is not one of them. In particular, if organizations want to secure their SaaS data end to end, they need to ensure this data is backed up and can be recovered after ransomware or other cyberattacks. Only by backing up this data can organizations ensure they have a last line of defense in place that will allow them to quickly recover any business-critical SaaS data such an attack has altered, locked, or destroyed.

It is true that SaaS and other cloud service providers have strong security and data availability technologies and processes in place that help prevent such attacks from accessing the SaaS applications themselves while also helping keep your SaaS applications available practically 24/7. 

However, these technologies and processes can still fail to prevent a ransomware attack, malicious internal hack or even an accidental file deletion from causing your organization’s SaaS data to be altered, locked or lost. And under the “shared” or “distributed” responsibility model used by SaaS providers, while the SaaS provider is responsible for their application’s infrastructure and availability, it is the SaaS application customer – i.e., you – who is responsible for protecting the actual data used by the SaaS application. 

Without an intelligent data protection strategy in place that backs up your SaaS application data to a secure location, supports quick, granular recovery of this data, and retains this data in compliance with legal and other business requirements, you don’t have full, end-to-end security in place for your business-critical SaaS data – increasing the risk that you might lose it. 

Here are three leading causes of SaaS data leakages. 

1. Ransomware Attack Locks SaaS Data

For example, consider how a ransomware attack could lock up a manufacturing company’s SaaS data. Using a phishing email, a cybercriminal obtains log-in credentials from one of the company’s employees. These credentials allow the criminal to bypass the built-in security mechanisms of the company’s SaaS-based customer relationship management application and gain entry to the application.

While the criminal can’t encrypt the SaaS application itself, they can use the user’s credentials to access and encrypt the customer data stored in the application. Next, the criminal sends the organization’s IT team an email telling them their customer data has been encrypted, and if they want the key that will unlock it, they will need to make a large bitcoin payment to him.

Because the business did not have dedicated data protection, which stores backup copies outside of their production environment, all of their customer relationship management application’s data is locked – bringing their sales operations grinding to a halt. The organization must decide whether to pay the lofty ransom and hope the criminal provides them with the key they need to unlock the data or face losing this customer data altogether. 

2. Disgruntled Employee Destroys Data 

Threats to SaaS data can also reside within the organization itself. In this example, a disgruntled IT administrator is leaving a marketing firm. However, before doing so, she goes into the company’s SaaS-based document management application and wipes out several important client document files – hard deleting them from the system. Since these files were hard deleted, and no backup was in place to retain a copy of these files, the organization can’t recover the files when it realizes they are gone.

3. Executive Accidentally Deletes Files

Malicious intent is not required for an organization to experience a data disaster. For example, a technology company’s CFO might accidentally delete a spreadsheet he used to evaluate a corporate acquisition’s desirability. A year later, a competitor sues the company over the acquisition, and the judge in the case issues a discovery order that requires the company to turn over the spreadsheet.

The CFO deleted the spreadsheet more than six months ago. And the SaaS provider only retains deleted data for 90 days. If the company can’t recover the file, they will need to tell the judge they do not have it – hurting their case, especially as the data in the file would have supported the company’s legal argument.

Avoid Disasters With an Intelligent SaaS Data Protection Strategy

Organizations can avoid having situations like these result in data loss or significant interruptions to their business operations – if they have an intelligent SaaS data protection strategy in place. For this exact reason, most SaaS providers recommend that their customers use a third-party data protection solution to implement such a strategy.

What should such an intelligent SaaS data protection strategy look like? To start, it should have processes and solutions in place that ensure that the company can frequently back up their SaaS data to an air-gapped, immutable location with a different security domain than the SaaS application. In addition, to ensure the integrity of the backup, no one from the company itself should have access to the third party’s infrastructure.

This separate, air-gapped copy will provide the company with a secure, pristine secondary copy of their SaaS data to recover if there is a disaster. For example, in the case of the successful ransomware attack described above, the company could simply ignore the cybercriminal’s demands and rapidly restore all their SaaS data from an isolated secondary copy.

While being able to restore all your SaaS data is good, an intelligent data management strategy that allows you to search and restore SaaS data at a granular level is even better. With such a strategy, organizations can find and recover only data that has been altered, locked, or deleted – greatly accelerating the recovery process. In the example of the marketing firm described above, a third-party solution that offers the firm granular search would allow them to quickly find and restore only the client files deleted by the disgruntled administrator, rather than all their SaaS data.

An intelligent SaaS data protection strategy also ensures that the organization is backing up and retaining its active and deleted data for a period that meets all its legal and other compliance requirements. By retaining SaaS data backups across this data’s entire lifecycle, these organizations can ensure that even if an employee accidentally deletes a file – like the CFO’s accidentally deleted spreadsheet mentioned previously – the file can be recovered.

Move Forward In Your SaaS Journey

As organizations increasingly adopt SaaS, they need to make sure this SaaS data is as protected as their on-premises data. In doing so, they can better secure this data, allowing them to realize the many benefits of SaaS while preventing a ransomware attack, internal hack, accidental deletion, or another disaster from causing them to lose business-critical SaaS data. 
