Cloud computing offers enterprises so many advantages. Not least is their potential for scalability and cost saving as companies don’t have to buy and maintain their own IT infrastructure. In a 2017 survey, 70% of business respondents anticipate gaining a competitive edge with cloud services.
There is also an ever-growing number of applications that run solely in the cloud. The trend towards ever greater reliance on cloud services for enterprise will only increase.
There are some misconceptions, however, about who has responsibility for data in the cloud.
Your Data, Your Risk
The best cloud service providers have multiple data centres and redundant data stores. These ensure business continuity, data recovery and enterprise security.
But there are limits. Users must understand what providers are responsible for, and what other protections they should have.
Data Protection Responsibilities
There are many risks for company data. These include:
- Natural disasters and power outages
- Human or programme errors
- Malicious insider attacks
- External threats from malware and viruses
- Hardware or software faults
Cloud service providers offer some protection, with businesses themselves undertaking protection for what isn’t covered in a cloud service-level agreement.
Cloud service providers such as Microsoft protect:
- Operating Systems
- The network
The customer or business using the service is responsible for protection of:
- Their own data
- Application administration
- Their users
While SaaS providers make sure the infrastructure stays available, the customer is responsible for protection against data loss. Data loss can happen in a flash and not necessarily through malicious intent. Accidentally deleted data, for instance, can wipe out entire customer records. Human error is actually more of a problem than external hacker threats.
Options for backing up data include on premise solutions but there are limitations. For one thing, it’s something of a step backward when the point of the cloud is that you no longer need on premise hardware and infrastructure. Another limitation is that vital metadata could be missing from your backup, making restoration a lengthy and complex process.
SharePoint and OneDrive-for-Business
SharePoint and OneDrive-for-Business are good examples of Microsoft cloud services.
Both rely on the collaborative capabilities of Office 365 and have primary and secondary recycle bins with a 93-day retention of deleted files. These won’t, however, protect against loss of data in accidentally deleted files when the recycle bin is emptied.
OneDrive has a restore feature, allowing users to roll back to a previous data entry point. But roll-back offers only limited protection against data loss. Deleted files are gone forever, and you can’t selectively restore files either. It’s an all or nothing option.
The Office 365 service-level agreement does not include data recoverability. It only addresses availability of the service. Enterprises need robust additional backup plans to safeguard against disastrous data loss.
Cloud-to-cloud backup offers several advantages over on-premise solutions or those currently offered by SaaS providers, and plugs the gaps left by both. But even these are not fool proof as the technology is still developing. That said, cloud-to-cloud backup services are improving, with capabilities to backup IaaS data, SaaS applications or entire virtual machines.
In the end, the customer is responsible for company data backup and recovery capabilities. Please contact us if you’d like more information on cloud-to-cloud backup or for advice on how to best manage your company’s valuable data.