“Dude, where is my data? — How data is lost in the cloud
How data is lost in the cloud
According to Statista, as of 2022, more than 60% of all business data is stored in the cloud. The Thales Cloud Security Study 2022 found that 45% of organizations surveyed had experienced a data breach involving data in the cloud. Data loss in cloud applications is not uncommon or unheard of and can occur for several reasons. The main reasons for SaaS data loss include:
Human error/accidental deletion
According to the Enterprise Strategy Group (ESG) research report The Evolution of Data Protection Cloud Strategies, deletion is the leading cause of SaaS data loss, whether accidental (20%), external and malicious (19%). ), or internal and malicious (6%). Employee negligence/human error is responsible for most data loss incidents and breaches in the SaaS world. According to Verizon’s 2022 Data Breach Investigation Report, more than 80% of breaches involved a human element.
Companies using SaaS applications should understand that if someone with valid credentials takes action, SaaS providers, such as Microsoft, Google, or Salesforce, also known as “processors”, will consider the request legitimate and will treat. This means that SaaS providers will add, remove or modify data on request. The context of the action (accidental, malicious, fraudulent, etc.) does not matter if valid credentials authenticate the command, including programming and script errors.
External hackers, ransomware and viruses
As more organizations turn to the cloud, it’s only natural that threat actors will increasingly target cloud data using new tactics, methods, and procedures. In 2021, ransomware was responsible for more than 20% of all attacks and continued to dominate the cyber threat landscape, according to IBM X-Force Threat Intelligence Index 2022.
Ransomware threat actors target critical data to impact organizational operations and drive the best performance. Microsoft validates this concern and encourages its users to implement ransomware protection for the security of their Microsoft 365 tenant. If this is not enough, new virus and malware variants appear daily, increasing the risk of loss of SaaS data. Approximately 300,000 new pieces of malware are created every day to target individuals and organizations.
Malicious insider activity
Despite the implementation of several technical and operational security measures, accidental and malicious insider activities are more difficult to prevent. This challenge exists in both on-premises and cloud computing infrastructure. With new tricks up their sleeves, threat actors are increasingly targeting individual employees for internal efforts rather than searching for vulnerabilities in an organization’s networks and systems. Additionally, events such as the “Big Resignation” due to disgruntled IT industry employees indicate that malicious insider activity is set to increase for the foreseeable future.
“Dude, where is my data? »
Almost 60% of respondents in the Thales Cloud Security Study 2022 said that at least 40% of their data in the cloud is sensitive. With the large volumes of important files, folders, and records businesses store in the cloud today, a data loss/breach incident could be catastrophic.
When businesses use a SaaS solution, they operate under the “shared responsibility model,” which means keeping your vital data secure in the cloud is a partnership between you and your cloud service provider. SaaS vendors such as Microsoft, Google, and Salesforce are responsible for application uptime and availability. This means you can access your productivity tools and files anytime, anywhere, and from any device via the Internet. However, you are operationally and contractually responsible for data protection and account and access management.
Unfortunately, many organizations still don’t back up their SaaS data. This is because they mistakenly believe that backing up SaaS data is unnecessary and that solution providers back up and protect their data. In fact, according to the Data Protection Cloud Strategies 2021 report, 35% of organizations surveyed rely solely on SaaS providers to protect their data. Although SaaS providers are responsible for fixing issues that arise due to deficiencies on their end, they are not responsible for data loss or downtime that occurs due to human error, programming errors, internal activities or cyberattacks.
Microsoft, Google, and Salesforce operate data centers with world-class disaster recovery capabilities to protect against infrastructure threats such as hardware and software failures, power outages, and natural disasters. Yet they can’t protect you from the most common causes of cloud data loss.
The table below clearly distinguishes the responsibilities of the supplier and the customer.
|Responsibilities of the seller||Your responsibilities|
|Hardware failure||Human error|
|Software failure||Programming errors/misconfigurations|
|Natural disaster||Malicious insider activity|
|Power outage||External hackers|
|Deletion requests||Ransomware and viruses|
Secure your data in the cloud with Spanning Backup
The Ponemon Institute and IBM’s 2022 Cost of a Data Breach Report found that the average total cost of a data breach rose from $4.24 million to $4.35 million in 2022 With businesses increasingly relying on SaaS solutions for day-to-day operations, data loss or downtime can seriously impact an organization in more ways than one. Although Google, Microsoft, and Salesforce provide basic native functionality to help customers protect their data, there are significant gaps that need to be filled.
Spanning Backup for Microsoft 365, Google Workspace, and Salesforce closes gaps in native functionality to protect critical data from the most common causes of data loss such as phishing, ransomware and malware attacks, human error, and more . Spanning is unique in its ability to allow administrators as well as end users to quickly find and restore data to its original state with just a few clicks. It is remarkably easy to install, manage and use. More than 10,000 organizations rely on Spanning’s powerful yet easy-to-use capabilities to secure their SaaS data.
See for yourself why Spanning is the leading cloud-to-cloud backup solution.
Request a demo today