Why You Must Back Up Your SaaS Application Data

Woman typing on a laptop

Microsoft Office 365 reached 180 million monthly active users last year and more than 5 million paying businesses are currently using Google G Suite. The volume of SaaS application data has been on the rise for several years. However, only 29 percent of small and midsize enterprises back up their SaaS data via a third party application. 

When it comes to SaaS applications, most organizations operate under a common misconception. They believe that they have backup and recovery with their SaaS provider, but there are significant limitations on what is typically provided.

SaaS providers practice a “shared responsibility” model when it comes to data protection. They will protect their customers from failures of their network, storage, servers, and application, but the customer is responsible for protecting their data from user and admin failures as well as from cybersecurity attacks. 

For example, here’s the breakdown of responsibilities for Microsoft Office 365:

Office 365 Data Protection Responsibilities

Common causes of SaaS data loss 

Admin mistakes:

Admins may inadvertently delete data that should have been kept. Once it’s gone, it’s gone in these cases, unless there’s a third-party backup solution in place.

Malicious insiders:

In Ponemon’s “Cost of Cybercrime Study,” malware and malicious-insider cyberattacks accounted for one-third of the cybercrime costs in 2018 amounting to $13 million. Disgruntled employees can delete data to spite their employers or for personal gain. 

Malware and cyberattacks:

According to the 2019 Ponemon Institute’s Cost of Data Breach Report, 51% of breaches were caused by malicious attacks. Of course, a data breach may be different from a data loss involving your SaaS application data. But the statistic illustrates the relative frequency of malicious attacks that could impact you SaaS data.

Let’s take a closer look at Office 365 data retention

When a retention policy is assigned to an Office 365 mailbox or public folder, content can follow one of two paths (per this document on Microsoft’s website):

Office 365 Data Retention Policy

As stated in the Microsoft article:

  1. If the item is modified or permanently deleted by the user (either SHIFT+DELETE or deleted from Deleted Items) during the retention period, the item is moved (or copied, in the case of edit) to the Recoverable Items folder. There, a process runs periodically and identifies items whose retention period has expired, and these items are permanently deleted within 14 days of the end of the retention period. Note that 14 days is the default setting, but it can be configured up to 30 days.
  2. If the item is not modified or deleted during the retention period, the same process runs periodically on all folders in the mailbox and identifies items whose retention period has expired, and these items are permanently deleted within 14 days of the end of the retention period. Note that 14 days is the default setting, but it can be configured up to 30 days.

However, Microsoft’s policies are not designed so that customers have direct access to backed up data with the ability to easily restore it. In fact, the Office 365 service-level agreement addresses availability, not recoverability of your data.

For these reasons, it’s important for businesses to take the responsibility for their SaaS data backups and recovery to prevent data loss.

Enhanced protection for SaaS data

Data loss by human error, malicious insider action, or cyberattack can be extremely detrimental to an organization’s business continuity.  

Having a cost-effective backup and recovery solution that enables you to back up all your SaaS data is an important consideration for your business.

Kaseya Office 365 Backup allows users to back up and restore Office 365 and SharePoint data directly and easily from the Kaseya VSA endpoint management solution.

It uses the OAuth 2.0 protocol rather than less secure service accounts and passwords to access Office 365 and ensures protection of data in transit with 128-bit SSL and at rest with 256-bit AES encryption, one of the strongest block ciphers available.

To learn more about Kaseya Office 365 Backup, download the product brief here.

Kaseya VSA Agent Procedure

Kaseya VSA Launches New Agent Procedure Editor

Remote monitoring and endpoint management tools, like Kaseya VSA, automate IT processes and auto-remediate IT incidents by executing scripts —“agentRead More

Remote work during coronavirus

Leading IT Through a Health Crisis

The COVID-19 pandemic has swept the world and turned life upside down for all of us. IT leaders worldwide faceRead More

Automation Kaseya VSA

What is Policy Based IT Automation and Why Should You Care?

Many IT teams come to Kaseya looking to do things like remotely manage their endpoints and implement better software patchRead More

endpoint management

Manage and Secure Your Endpoints Efficiently From a Single Console

In the Kaseya 2019 State of IT Operations Survey Report for Small and Midsize Businesses, more than half the respondents came from organizations with five orRead More

Connect IT Global - You're Invisited! - 100% Virtual - August 24-27, 2020
2020 MSP Benchmark Survey Report

Archives

Categories