Who moved my data?

Digital transformation has fueled cloud adoption across the globe from small firms to big conglomerates and everything in-between. SaaS applications have been instrumental in making that transformation effective in terms of being able to simplify communication and bring together distributed teams. A Gartner report states that by 2021 SaaS applications will reach 45 percent of the total application software spending by enterprises. The public cloud SaaS revenue is forecast to top $87B in 2019, owing to the decision of many organizations to move their enterprise assets to the cloud.

The other big part of the digital transformation story has been mobility.  Mobile devices in the forms of tablets, smartphones and ever lighter laptops are enabling knowledge workers to access their work data in SaaS applications anywhere and at any time.

If one thinks about it, the data landscape has morphed in a very fundamental way with the center of gravity having shifted from on-premise data centers to either SaaS applications or to the knowledge workers.  The action is now either on the cloud or on the endpoint, and that is a shift IT organizations are still dealing with.

In this post, we’ll focus on the data that’s shifted to the cloud.  While data has moved from on-premise servers to the cloud, how are IT administrators changing backup strategies?  Or are they? We observe that most often than not, companies do not treat their cloud data like they would had the data be on-premise. While companies have always had reasonably robust backup strategies for their on-premise data, there seems to be an inherent assumption that cloud is safe because it is already in the cloud.  Surely the SaaS vendor is backing up my data, right? Well…. Not really and not always.

To put that into perspective, SaaS vendors sign up to take the responsibility for security ‘of’ the Cloud like infrastructure and application uptime, customers are responsible for security ‘in’ the Cloud, which includes data itself, encryption and recovering from data losses. This is commonly referred to by SaaS vendors as the “Shared Responsibility Model”, a guideline that distinguishes between accountabilities that the SaaS vendor and the customer have respectively.

Fig1: Cloud vendor’s Shared Responsibility Model

 

Data moves, but accountability doesn’t

As it turns out, the key elements which drive the need for backups on-premise are all the same drivers for cloud data backups.  Accidental data losses, Regulatory Compliance, Ransomware protection and Insider threats.  So, your data may have moved to the cloud, but accountability for it doesn’t shift – that stays with you.

So, long story short, if you are still asking if you must back up your SaaS data, the answer is – Yes!

Please write back to us with your opinions.  And keep an eye out for future blog posts from us on this topic!

On-Demand Webinar: Backup SaaS Data - Really?

A free webinar that focuses on demystifying common misconceptions around SaaS and data protection.
Register now