Story image

The top five ways data is lost in the cloud - and how to prevent it

09 Oct 17

The astronomical numbers of consumer cloud-based users worldwide just keep rising. Some 3.6 billion internet users are projected to access cloud computing services during 2018, up from 2.4 billion users in 2013.

A common assumption is that if data is deleted, ‘well, it’s in the cloud, so it must be backed up, right?’ Wrong.

An industry study a few years back showed that the risk of data loss is very real, even if a cloud infrastructure service sends the data offsite. In fact, 32% of companies using SaaS services reported data loss in an Aberdeen report.

How data is lost in the cloud:

  • User error (registered users accidentally delete or overwrite data) accounts for 64%
  • Hackers (outsiders break into the business systems) are responsible for 13%
  • Closing accounts (cloud app accounts are closed without regard for the data left behind) result in 10%
  • Malicious delete (users purposely delete critical data belonging to a company) causes 7%
  • Third-party software (data is overwritten by third-party software) makes for 7%

Cloud data protection

Clearly, organisations need a sound data backup plan to protect their cloud data. A good backup and recovery strategy can save many hours of time, thousands of dollars and potentially prevent bankruptcy.

Third-party tools for backup and recovery of SaaS data can keep information safe and ready for recovery at all times. Compared to SaaS native backup functions, third-party tools have improved flexibility and functions. They allow organisations to back up SaaS applications for each account, using a trusted cloud provider; manage backups easily from a single dashboard; avoid downtime for users; spend less time managing backups and recovery; and gain fast insight into the types of data backed up.

SaaS sync issues

Most SaaS users believe their data is protected by the service provider. But the service level agreements (SLAs) for most cloud applications indicate that the service provider bears little or no responsibility for data that is lost and has not been backed up.

SLAs typically cover the common causes of application downtime, but these refer to downtime in the cloud data centre, not what happens on the user’s computer. Once a user changes an object and closes the application, there is little a provider can do to restore the original object.

This is because cloud applications providers provide just that – cloud applications. They are not in the backup and disaster recovery business and most of them have no plans to be.

Most users are confident their data is safe because SaaS providers have really made a name for themselves in the software world. But there have been many documented issues with the synchronisation capabilities of the apps.

For IT administrators in companies that rely on cloud services for their productivity suite, the SLAs for cloud applications can be a headache times two. First, users are at risk of losing their data. Secondly, there is no guarantee of recovery in case of user error, malicious deletion or sync issues.

It is crucially important that end users are educated about the capabilities for backup and recovery of cloud applications. At the same time, managed service providers must ensure there is always a backup to restore from, should data be lost.

Storage vs backup

Businesses do not always follow best practices to ensure data protection. Threats like malicious deletes, unauthorised access to data or external app errors (problems with syncing) will also cause problems.

This is why using SaaS as a backup option, and not for storage or file-sharing (as it is intended), might cause trouble. Moreover, cloud application SLAs will not cover the situation in which data was deleted because of user error.

Ultimately, a business owns the data and is responsible for what happens to it – even if it is stored in the cloud.

How to prevent cloud data loss

Microsoft has a guide on best practices to prevent SaaS data loss with Office 365. This advice can easily be applied to any cloud application. It starts with knowing exactly what type of data is stored and what data must be protected. For any user of cloud services, the key take-away is to always implement three main rules for their data management:

  • Identify sensitive information across many locations: Keep track of documents containing sensitive information. Watch out for credit card numbers, names, and contact information of customers or company employees.
  • Prevent the accidental sharing of sensitive information: Studies have shown that around 16 percent of documents uploaded to the cloud include sensitive information. The trouble is, employees may inadvertently share them outside the organisation. Businesses can put processes in place to block access to these documents automatically, or prevent them from being sent out to email addresses that are not part of their corporate domain.
  • Help users without interrupting their workflow: Everybody hates downtime, which is why automated systems make it so much easier to keep track of our most important data and protect it.

Leading disaster recovery specialists have introduced set and forget solutions that backup cloud applications. The best of these are designed specifically for busy business people who need peace of mind.

By Marina Brook, Head of Sales APAC, StorageCraft Asia-Pacific

Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Preparing for the future of work – growing big ideas from small spaces
We’ve all seen it: our offices are changing from the traditional four walls - to no walls. A need to reduce real estate costs is a key driver, as is enabling a more diverse and agile workforce.
Bluetooth-enabled traps could spell the end for NZ's pests
A Wellington conservation tech company has come up with a way of using Bluetooth to help capture pests like rats and stoats.