The Future of Data Protection in the Cloud

Businesses are embracing the cloud at unprecedented rates but the convenience of the cloud comes at a price. Mike Potter, CEO at Rewind explores the underlying and often undiscussed risks for SaaS customers along with the implications for data protection in the cloud. 

Businesses of all sizes embraced the cloud at unprecedented rates in 2020. According to a surveyOpens a new window of 250 IT professionals from this past summer, more than 80% of respondents had increased their overall cloud usage. IDG’s 2020 Cloud Computing SurveyOpens a new window showed 59% of respondents would have the bulk of their digital assets in the cloud within the next 18 months. And now, according to GartnerOpens a new window , global spending on cloud services will rise 18.4% in 2021, with growth continuing well into 2024. 

This astonishing growth bodes well for purveyors of IaaS, PaaS, and most specifically SaaS, which has the largest reach of all cloud computing products. (According to Crunchbase, there are over 18,000 SaaS companies worldwide today.) As every vertical, from health care, construction, accounting, even governments, begins to embrace the cloud, both their tech stacks and the volume of data they create grow at an accelerated pace. 

However, the convenience of the cloud comes at a price; SaaS customers are exposed to an underlying risk few people talk about. This risk stems from a general misunderstanding of how cloud computing works. 

Learn More: Navigating Enterprise Data Security Journey

Limitations of Cloud Computing 

There is a common perception that if something is “in the cloud,” it’s always there. However, simply storing cloud data does not mean it is completely secured. The prevalence of cloud products like Box, Dropbox, Microsoft 365, Google G Suite/Drive, etc., has created an assumption that cloud data will always be available.

The reality can be found in something called the “Shared Responsibility Model.” It essentially outlines where a cloud provider’s duty of care ends and that of the customer begins. And there are differences depending on whether you are using IaaS, PaaS, or SaaS.

The above chart really brings the scope of the shared responsibility model into focus. As you move right, the customer’s responsibility for securing and protecting sections of their data decreases. Take note that SaaS customers are still on the hook for securing and protecting their data. This is the model that BigCommerce, GitHub, Shopify, Slack, Trello, QuickBooks Online, Zendesk, and thousands of other SaaS applications follow. 

You would think with so many SaaS applications in use; the shared responsibility model would be well known. That’s simply not the case. According to a study commissioned by Oracle & KPMG, IT professionals have the biggest knowledge gap around shared responsibility for SaaS solutions. In fact, only 8% of people surveyedOpens a new window felt they grasped the concept when discussing SaaS.

Learn More: What Is Data Security? Definition, Planning, Policy, and Best Practices

SaaS Data is Easy to Use; But Easy to Lose 

SaaS is very accessible and efficient to run, making it especially appealing to companies with a remote workforce. According to Microsoft, 94% of businessesOpens a new window also reported security benefits since moving to the cloud. This can certainly be true; however, as we highlighted earlier, it depends on your understanding of the Shared Responsibility Model. Your data is still at risk from human error, cyberattacks, and even integrations from other SaaS tools or applications.

Cyberattacks had already been on a dramatic rise before Covid-19. Now both the FBIOpens a new window and Interpol have reported increases Opens a new window in all forms of attacks. Interpol said the bulk of attacks were ransomware, phishing, and data mining. Historically, large brands have been the primary target for cyberattacks, but now businesses of all sizes are being targeted. These attacks can wreak havoc on business data, either compromising it or deleting it altogether.

With the rapid shift to remote work and the inevitable distractions that working-from-home can bring, mistakes are more likely to happen. 

Finally, not all online tools work well together. Third-party integrations often have incredible levels of access to not just the data you enter but all the other connected pieces of software. Companies with up to 50 employees run an average of 20 SaaS applications daily, and companies with over 1,000 employees use over 200. This is a perfect recipe for data being compromised or accidentally deleted. 

All of these risks may feel far-fetched, but they happen. And they happen frequently. A recent Rewind survey indicated that 1 in 4 businesses had lost critical data stored in the cloud. And the three leading causes were cybercrime, human error, and integrations.  

Learn More: Political Cost of Data Leaks: Data Security in the Crosshairs

The Future of Data Protection

Looking ahead to 2021, a modern backup strategy will take into account the data that needs to be protected and create a seamless data-control experience for users. Vital business data used to be secured on-premise, in large server rooms. Today, businesses have a complex web of different software solutions that look different and operate in silos for the most part. It has evolved, but it’s far from perfect.

Data storage is still fragmented. It’s on hard drives, remote servers, and basic cloud storage. It’s often outdated and typically unorganized. Furthermore, much of the data created in SaaS applications can’t be exported or easily imported. When a data disaster inevitably happens (and it will), how will you restore and replace all this vital information you rely on for everyday operations?  

This means businesses need full control over their data. Information is one of the most vital assets we use to run modern businesses. Cloud backups need to evolve to a place where they are more than just backups. Businesses need solutions that create a seamless process for finding, transferring, and restoring data in seconds, regardless of platform. As organizations worldwide shift to the cloud, they need to shift their thinking around how they protect the data that powers their business.

Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!