Exploring the paradigm shift from backup to data protection
Smart organizations evaluate their overall data footprint and transform their traditional back-office IT to a streamlined data protection approach for both cloud and on-premises data.
Since the inception of computers and beginning as early as the 19th century, there has been a need to back up data in case of possible disasters, both natural and manmade, or hardware and software malfunctions. As computers
have evolved over the years, backup technologies, philosophies, and processes have changed in parallel.
For today’s computing environments, backup is only one part of a comprehensive data protection plan for critical organizational, customer, and partner data. Even with hardware more reliable than ever before, there is still a critical need for a thoughtful, multi-faceted data protection plan.
The IT decision maker of 2018 is faced with several challenges and many opportunities. There are more technologies and services available than ever before to organizations—a veritable Sears catalog of affordable SaaS services.
Organizations are going to continue to move more data to the cloud with an eye to the cost savings achieved by renting infrastructure as opposed to buying it and building it from the ground up. This also grants employees access to data everywhere, on any device with an internet connection. The increased complexity means that some
data resides in the cloud, though most still remain on premises. That’s why a sensible and well-thought-out data protection the plan is a must.
Yesterday’s back office and the rise of the cloud
With the rise of cloud and software-as-a-service (SaaS) displacing on-premises enterprise applications, some might think of backing up the data is not a requirement: that’s the responsibility of the cloud or SaaS provider, isn’t it? This mentality is a mistake, as protecting cloud-hosted data should be a critical piece when implanting and reviewing data protection services.
It is true that the various SaaS providers—from Salesforce, Office 365, and Workday to the three thousand others—most certainly back up the data. And cloud providers also have some security advantages. For example, they offer much more contingencies plans than a typical IT department does, with more diligence paid to software updates and the latest technologies for malware detection, signature-based or other.
It’s worth noting that SaaS providers most likely offer more physical security for their data centers as well. However, at this level, this type of backup does not protect your organization from human error or malicious attack.
Essentially, bringing organizational data to the cloud does not mean you leave access governance and security in the hands of the cloud providers. In many cases, access and security controls, as well as usage tracking capabilities, are limiting.
Protecting data in the cloud is partly your responsibility
AI-powered malicious bots from the “dark web” can assume the user behavior patterns and ruin data stored in SaaS services. Granted, these black-hat bots can also do harm to on-premises systems, and this is why the IT department down the hall has a rescue backup and recovery.
But what about the valuable data stored in the SaaS CRM system?
SaaS data needs to be backed up separately from the primary source, by a trusted third party, in order to protect against emerging threats that corrupt, hold ransom, or destroy critical information.
In fact, if you look back over 2017’s data breach events, there are several examples to point to involving data protected by cloud providers. For example, the Republican National Committee leak exposed voter data for nearly 200 million United States citizens. That data was housed on the Amazon Web Services (AWS) cloud provider. That breach wasn’t even AWS’s fault. This is why the organizations need to “re-think” backup and up-level to a more comprehensive data protection theme.
Consider your entire data footprint – Data protection
Achieving an overall data protection plan means considering the overall data footprint where the data resides, regardless of physical location. This means thinking beyond on-premises backup systems. SaaS data is often overlooked, perhaps on the belief that the data is already protected—but it really isn’t. SaaS vendors strive for reliability, but they are also susceptible to software defects, infrastructure failures, and human error.
As a start, replace “backup” with “data protection” in your IT lexicon. By doing this, you will recognize the need for a more thoughtful and comprehensive plan to protect data.
• A security review of data stored in the cloud
• A review of contingency plans for outages
• Enforcing policies for compliance and data access
• Reviewing SLAs from SaaS/cloud vendors
The bottom line is this: regardless of where your data resides, you must apply all of the same data access and security controls you’d enforce if that data were in your own on-premises infrastructure. A good plan is to evaluate security and data protection technologies that span both on-premises and cloud data to provide a central platform to manage all your organizational data.
Taking a unified approach will combine key capabilities and functionality that is essential for effective data protection. Companies will continue to move more data to the cloud for the benefits to performance, reliability, and elasticity.
If you are smart, you’ll evaluate your overall data footprint and transform your mentality and approach from traditional back-office IT to a streamlined and easily managed data protection technology stack that covers both cloud and on-premises data. Contact Musato Technologies to learn more about our innovative ICT solutions and services.
An article by Greg Arnette