EDITOR ’ S QUESTION
JON TOOR , CMO , CLOUDIAN
common pitfall we see is organisations relying
A solely on their cloud provider for security and data protection . In fact , ESG Senior Analyst , Christophe Bertrand , recently stated that 35 % of organisations using Software-as-a- Service ( SaaS ) completely abdicate their data backup and recovery responsibilities to SaaS vendors . What they fail to realise is that many SaaS providers don ’ t actually provide full data protection .
For example , Microsoft Office 365 offers geo-redundancy , which protects data from site or device failure , but this does not constitute a true data backup . If data is accidentally deleted or maliciously attacked , Microsoft 365 offers limited recovery options . While it does provide basic recycling bin capabilities , Microsoft 365 only stores deleted files for a limited period . Beyond that time frame , the data is permanently deleted . Worse , if a user is accidentally deleted from Microsoft 365 , his / her data is erased entirely from the entire Microsoft 365 network .
All of this highlights the need for organisations to take greater responsibility for safeguarding their data , particularly with the proliferation of ransomware attacks over the last two years . This means ensuring their cloud provider has comprehensive security measures in place or adopting a hybrid cloud strategy in which such measures are applied on-premises in their own data centre .
Regardless of where they ’ re deployed , these measures should include traditional defences such as anti-malware software and anti-phishing training . However , because these defences often fall short – in a recent survey we sponsored , 49 % of ransomware victims had perimeter defences in place and 54 % had conducted anti-phishing training – organisations must also protect data at the storage layer .
This means encrypting data both inflight and at-rest to keep cybercriminals from reading it or making it public in any intelligible form . In addition , organisations should have an immutable ( unchangeable ) backup copy of their data . Immutability prevents such criminals from altering or deleting the data and ensures the ability to recover the uninfected backup copy in the event of a ransomware attack , without having to pay ransom .
Whatever your cloud-based application may be , maintaining a copy of your data on-prem gives you recourse in the event that something goes wrong .
Whether it is a data corruption issue , service interruption or hacker encryption , having an on-prem copy of your data gives you options . Furthermore , it gives you full control over the management policies , retention of deleted data and immutability settings .
Data is the lifeblood of any organisation . Think of the cloud as yet another IT resource , not an infallible entity , and then act accordingly .
WHATEVER YOUR CLOUD-BASED APPLICATION MAY BE , MAINTAINING A COPY OF YOUR DATA ON-PREM GIVES YOU RECOURSE IN THE EVENT THAT SOMETHING GOES WRONG .
30 www . intelligentdatacentres . com