Why SaaS explosion won’t last without resilient backup

image of office

Investing in Software-as-a-Service (SaaS) has become fairly standard practice within the business world. The subscription format of SaaS naturally appeals to enterprise customers due to its affordability and flexibility. And being based in the cloud has also made it ideal for the multitudes of businesses that pivoted their operations away from being office-only.

Plus, the convenience of SaaS – the vendor’s responsibility to provide software updates and bug fixes and maintain system availability has given IT leaders one less thing to think about. These tools have been critical to supporting organizations’ wider digital transformation efforts by making applications and data accessible from anywhere.

However, IT leaders can’t rest on their laurels become complacent and assume that just because they’re using SaaS tools, their data will always remain available and protected. While SaaS providers may have service level agreements in place around maintaining availability and uptime, the responsibilities around data protection, backup and what happens if a breach happens can be less clear. Administrators are not always aware of the need to take responsibility for their own third-party backup, or even simply ensuring that their data is adequately protected.

Build-in backup is proving a false sense of security

Today, many businesses are operating under the misconception that built-in backup is enough to sustain long-term data security. This view has been formed from the perception that backup systems don’t go down – and even if they did, it would be the vendor’s responsibility not the businesses.

For example, users of Microsoft 365 rightly assume that any outages involving applications, network controls, operating systems and physical networks will be managed by the SaaS provider. But the largest number of outages don’t come from SaaS providers themselves – instead accidental deletions, misconfigurations or bad actors gaining access can all deliver the same unfortunate end result – data goes missing.

Without a robust backup, your data could be gone. In some ways, SaaS tools are like using a rental car – the provider makes sure the car is fueled, clean and ready to go, but once driven off the forecourt, it is the customer’s responsibility.

Have a clear plan in place with your vendor

There’s sometimes a feeling of passing the reigns of responsibility to a vendor once business leaders have signed on the dotted line of a SaaS subscription deal. It’s true, the vendor will probably have a greater ongoing input into your SaaS solution’s performance. However, you need to view this relationship as a collaboration rather than purely outsourcing.

While IT decision-makers understand the benefits of shifting responsibility for deployment, upgrades and shifts incapacity, many don’t realize the actual responsibility of the data usually remains with the tenant. SaaS vendors typically leverage a shared responsibility model that spells this out clearly.As a business begins to invest in

SaaS tools, it needs to keep the channels of communication wide open with their vendor. Roles
and responsibilities need to be clearly defined by providers, so nothing falls through the gaps
due to misunderstandings or miscommunication.

These conversations should also cover disaster planning – not because of a need to assign blame – but to have a well-honed system to respond to a data protection incident. Regardless of how good your security is, falling victim to an outage, data breach or other cybersecurity incident is usually a case of when, not if. This risk extends to the backup data an organization might keep themselves. Veeam’s 2022 Ransomware Trends Report, for example, has found 72% of organizations surveyed globally had partial or complete attacks on their backup repositories.

Formulate a backup strategy

Here are the considerations all organizations must consider in developing best practice data protection strategies:

  1. Prepare your systems for
    a data breach. This will entail strategizing with your vendor and disaster planning by assessing where the weak points lie, and bringing those up to standard wherever possible.
  2. Keep in mind that businesses are only able to recover 64% of their data on average following a ransomware attack, according to Veeam’s 2022 Data Protection Trends report. So, assume the worst, and plan accordingly.
  3. Check your storage and backup measures against any relevant compliance regulations because some SaaS tools may not automatically comply with what’s required within your region. For instance, SaaS tools usually back up data for 120 days which is insufficient in areas where regulatory boards require businesses to hold onto data for several years. If you haven’t backed it up, it’s too late to restore it once it is deleted.
  4. Be clear on who is doing what. What’s your vendor’s shared responsibility model? You must be able to know where your data is always, and who is actively overseeing it.
  5. Before you begin integrating a SaaS backup solution, first determine how you would leave that vendor by negotiating exit strategies upfront. You don’t want to end up in a scenario where your data is being held hostage at a price point they suddenly determine after you inform them you want to leave. SaaS’ continued growth means that it is likely to remain a significant way organizations of all kinds manage and run their IT, and
    by extension, their critical day-to-day operations. As such, it’s worth businesses dedicating time to understanding how to keep their data protected – as well as adjust processes accordingly. Thankfully it does seem this is starting to happen in the UK, with the 82% of UK businesses who say they’re planning to increase data protection budgets over the next 12 months, according to Veeam’s Data Protection Trends Report 2022.
  6. The ongoing support of vendors is probably one of the biggest benefits of SaaS. However, don’t get caught up in the positives of SaaS by forgetting that accountability for data security will always lie with your business. So, relying on built-in backup is not enough – back up your built-in solutions and save yourself a headache further down the line. Your business-critical information deserves no less than Modern Data Protection to keep it backed up, recoverable and secure – regardless of the environment, it lives in.

By: Dan Middleton, Regional VP UK&I, Veeam Software

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...