Another Key Reason the Data Your Organisation Maintains in Cloud Apps Should Also be Backed Up to Your Own Data Vault
Part 2: Maintaining Control of Your Data At All Times
In our previous post, I argued that most businesses are mostly correct to entrust their corporate email and CRM functions to the major cloud app providers like Microsoft, Google and Salesforce. But I also pointed out that one key error many organisations make here is assuming that these large cloud vendors conduct regular, proper backups of their customers’ corporate data. In most cases, they do not.
Indeed, the SLAs provided by third-party Software-as-a-Service (SaaS) companies explicitly state what they are and are not responsible for — and to most people’s surprise, they assume extremely limited responsibility for customer data. As an example, read this statement from the Microsoft Cloud Terms & Conditions:
“We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft isn't liable for any disruption or loss you may suffer as a result. You should regularly backup the Content that you store on the Services.”
— Microsoft Cloud Terms & Conditions
There are three reasons you would want to back up your own data hosted by cloud service apps like Office 365. In Part 1 of this series, I addressed the confusion between “availability” and “recoverability” and explained why you need to be sure you have the ability to restore accidentally deleted or corrupted data files. Here’s reason #2.
Reason #2: Maintaining Control of Your Data At All Times
As the IT Manager for your organisation, it’s important that you have control of all of your corporate data at all times. If data goes missing or gets corrupted or stolen, the blame will fall on you. If it were my responsibility, I’d make sure I knew where our corporate data was at all times, and how it was being protected, regardless of where it resided or on which devices.
For data that resides on a company’s own corporate servers, there are retention policies in place that dictate where that data is kept, how long it is kept, and how many copies are maintained. This is common sense. So why should it be different for data stored in a third-party cloud environment? It’s still your company’s data, isn’t it?
Without implementing a single data protection strategy for all corporate data, the data your company keeps in those third-party clouds is at risk. You have no control over the data retention policies or the physical location of that data. Furthermore, if your company is subject to industry or government compliance for data security and privacy, this lack of control over your data puts you at risk of violating those regulations.
It’s up to you as the appointed governor of your company’s data to guarantee its protection. Don’t trust those cloud providers with your data — because they don’t answer to you. Get it and protect it yourself.
Check back for the third and final blog article in this series to learn about REASON #3: IT Environment Flexibility.
Regional Sales Manager, Canada for KeepItSafe