Search
Close this search box.

The Misconception surrounding Cloud Service Data Protection

Share This Post

Cloud Services are vulnerable to outage, and Data Protection is the customer’s responsibility.

On January 25, 2023, a global network outage hit Microsoft affecting users of Teams, Azure, Outlook, SharePoint and Xbox Live. Social media was overwhelmed with users venting anger at not being able to send or receive emails or connect to Teams meetings. The same day Germany’s federal cyber agency (BSI) was reported to be looking into several DDoS attacks (distributed denial-of-service) targeting websites across the country. An outage analysis conducted by Cisco-owned network intelligence company ThousandEyes traced the Microsoft outage to an external Border gateway Protocol (BGP) change by Microsoft that impacted connected service providers, leading to significant packet loss and diminished reachability of its services. It appears that the Microsoft outage and the DDoS attacks were coincidental and unrelated, however both serve as a stark reminder that no cloud-based service is immune from outages, regardless of the size or provenance of the service provider. The key issue we want to highlight is that cloud service providers typically have service level agreements (SLA) in place that cover their service provision, but not the loss of customer data. Cloud service data protection is the responsibility of the customer.

Data security and recovery misconceptions in the cloud era.

Organizations have migrated their severs and data storage to the cloud in record numbers. The coronavirus pandemic accelerated this trend as organizations scrambled to fully support remote working. This is particularly true of Microsoft Office 365, which reached over 345 million commercial users in August 2022. This move to the cloud and remote work enablement requires organizations to think differently about how they are protecting and backing up their data. Historically, organizations kept physical backup copies of their data in an on-premises data center or server rack. With this infrastructure now virtualized and provided as-a-service, organizations must examine the SLAs in place with their cloud service providers to determine if the default data protection levels are adequate. A Forrester report as far back as 2017 pointed out that every SaaS provider, including Microsoft, explicitly assert that clients are responsible for protecting their own data, yet many users are under the misconception that cloud service data is automatically protected. A 2019 IDC Perspective report revealed that 6 in 10 users of Office 365 interviewed at an event did not have a data protection plan for their Office 365 estates, or rely on Microsoft’s native capabilities. IDC also observed that many users confuse Microsoft’s availability SLAs with backup strategies, while others do not see the need to consider backup for cloud services because it is a “different” technology.

The reality is organizations are experiencing cloud service data loss.

One recent survey found 80 percent of companies using SaaS have lost business data which can be very costly.

A Verizon report in the USA found that small data loss incidents can cost businesses an average of up to $35 thousand. Large incidents of more than 100 million records can cost up to $15 million. This does not even consider the cost of an organization not being able to operate for a period. As such, most organizations that value their data should consider a third-party backup solution to ensure their data is fully protected and available across all data loss scenarios.

Data loss scenarios where cloud-to-cloud data protection can ensure the availability of information.

  • Cyberattacks and ransomware.

Ransomware is the number one cybersecurity threat, and attacks are occurring at an all-time high. According to the 2023 Ransomware Report from cyber risk solutions provider Outpost24, Germany, France and the UK were in the top 5 of targeted countries in 2022 out of a total of 101 countries reporting attacks. The threat of ransomware was exasperated by remote working, as many organizations moved to the cloud to maintain operations during the pandemic, many without ramping up their security controls. Ransomware can be expensive, with attacks making headlines not only for their frequency, but the rising cost of the ransom. In these scenarios, having a backup copy of your data can enable companies to quickly restore the compromised data and resume operations. Even better is a backup solution that not only restores data, but can ensure business continuity by detecting ransomware before it takes hold.

 

  • User Errors

The most common data loss scenarios involve user error. Users can accidentally delete documents, emails or even an entire workspace if they have owner permissions. This is why Microsoft has effective tools such as version control and the recycle bin to counter these mistakes. If a document has been deleted within 93 days or an email has been deleted within 14 days (or up to 30 days depending on your settings), or a workspace has been deleted within 30 days, you can simply restore these items from the recycle bin. Third-party backup solutions allow you to extend these protections so you can restore Office 365 data even if it has been deleted for longer than 93 days.

 

  • Administration Errors

Office 365 administrators and IT professionals are also human, and therefore just as capable of making the occasional error. One scenario could include incorrectly setting the permissions to a workspace. A third-party backup solution will be needed to quickly restore those permissions. Another scenario could be forgetting or failing to implement the correct data retention setting, for example not properly retaining a mailbox of an employee who has departed the organization. After the 30-day window (and it is almost always after), if a user needed to access that mailbox, or that data was needed for compliance purposes, a third-party backup solution would be required.

 

  • Malicious Insiders

Occasionally a disgruntled user or administrator may attempt to delete, corrupt, or otherwise remove access to important data within Office 365. In most scenarios, the data can be easily restored using native tools. However, if that malicious insider has owner or administrator permissions for a workspace and “rolls back” or restores a SharePoint site from a previous point in time, a third-party backup solution would be required to “move forward” and restore the data that has been created since that restore point.

 

  • Project or Planner Data

For organizations using the Project or Planner services within Office 365, a third-party backup tool can help backup critical granular items such as Planner tasks or sites.

Why Cristie Cloud Protection cloud-to-cloud backup is right for your organization.

There are two main approaches to Office 365 backup: either leveraging self-hosted software or a Software-as-a-Service (SaaS) solution such as Cristie Cloud Protection. As concluded in the previously mentioned Forrester report, cloud-to-cloud (SaaS) backup is the only practical option. That is because self-hosted backup software does not easily scale as your data grows and it requires much more manual work to manage. With a self-hosted backup solution, the organization is responsible for all the infrastructure behind it, including:

 

  • Installation and configuration of the platform
  • Scaling and deployment of the necessary servers to support this software.
  • Network bandwidth and monitoring for connections to Office 365
  • Storage for all Office 365 backups, including redundant storage locations to protect against disk-failures or corruption.

 

In addition, the organization is responsible for the configuration of the software, including:

 

  • Maintaining server solution service accounts and authentication for connections
  • Deciding on the best backup scope / schedule between full vs. incremental backups (often monthly full backups of all Office 365 content)
  • Configuring storage locations and capacity planning to match backup schedules.

 

And let us not forget the ongoing maintenance of the software, including:

 

  • Constant monitoring for Office 365 throttling errors due to service account activity
  • Monitoring network consumption to prevent interference with user-traffic on the organization’s network.
  • Monitoring security logs for the platform to ensure no unauthorized actions are taken by the administrators.
  • Support and troubleshooting are also the responsibility of the organization’s IT Team

 

Not only could a self-hosted software impede your IT team from providing reliable business continuity, but the time also spent on these items could be better spent on higher value tasks.

 

In summary, simply backing-up your data on a server does not equate to an effective data protection program.

Cristie Cloud Protection powered by AvePoint – A simple pay-per-use cloud to cloud backup solution.

Cristie Cloud Protection provides vital protection for Microsoft Office 365 and Dynamics 365 but also Google Workspace & Salesforce® with monthly pay-per-use billing and no minimum terms. Cristie Cloud Protection provides a SaaS backup solution that will empower you or your customers to keep business-critical emails, calendars, sites, groups, teams, projects, files, and conversations secure with unlimited automatic backups. With in-build multitenancy the solution is perfect for MSP deployment, and equally suitable for enterprise-wide protection for any organization using cloud services.

Cristie Cloud Protection powered by AvePoint – Key features & Benefits.

  • Customers own their data: Customers maintain full access and control over their backup data, not just what’s in Recycle Bins. If backup files are needed for a longer term than the 15-30 days provided by Microsoft, they can be compressed and encrypted on the storage platform of your choice.
  • Accident-proof customer SLAs: Meet stringent SLAs with automatic backups up to four times a day and get the flexibility to customize your SLAs for RPO and RTO, instead of relying on Microsoft’s default restoration and retention policy.
  • Recover on their own terms: Customers can choose what to restore and where to restore it. Access a backup from weeks ago, or access files during any service disruption: perform in-place or out-of-place restores for granular objects or content, without overwriting valuable data since the last backup, or having to go through Microsoft Support.
  • Integrate existing security processes: BYOK, BYOS and BYOA solutions can be integrated to keep your existing security practices operating.
  • Customer-Owned Encryption Keys: Azure Key Vault ensures unique keys for each tenant, owned, and managed by each customer to prevent unauthorized access.
  • Customer-Owned Data Storage: Data Residency provides hosted options through Azure or through any customer-owned cloud or server storage service.
  • Customer-Owned Authentication: Single Sign-on with Office 365 Credentials and Azure AD applications ensures customers retain control of the authentication and authorization of AOS.
  • Proactively Detect Ransomware: After the solution detects unusual activity, you receive detailed reports to shorten the investigation and flag the areas of questions. If necessary, you can restore all or specific OneDrive data.
  • Highly secure data protection: Cristie Cloud Protection powered by AvePoint is certified by several information security management system standards including ISO 27001:2013, FedRAMP, SOC 2 Type II, CSA, and IRAP.

Simplify your cloud service data protection with Cristie Cloud Protection.

With a unified, browser-based user interface and a fully distributed architecture, Cristie Cloud Protection integrates AvePoint’s powerful data migration, management, and protection technologies into a highly scalable solution for Microsoft 365 applications including SharePoint Online, Exchange Online, Project Online, Microsoft 365 Groups, Teams, OneDrive for Business, Planner, and Public Folders. No installation is required and minimal configuration make getting your cloud service data safe and secure a breeze. Contact the Cristie Data team for more information or to schedule a live demo.

NIS 2 and KRITIS: What Companies Need to Know

NIS 2 and KRITIS: What companies need to know NIS 2 (Network and Information Security Directive 2) and KRITIS (Critical Infrastructure Protection in Germany) are both regulatory frameworks designed to enhance the security and resilience of critical infrastructures, but they differ in scope, geographic focus, and specific requirements. Here’s a

How Does Cohesity Protect Organizations from Ransomware Attacks?

How Does Cohesity Protect Organizations from Ransomware Attacks? In an era where ransomware attacks have become increasingly sophisticated and frequent, organizations need robust solutions to safeguard their data. Cohesity which Cristie Data customers can benefit from within the Cristie READY program offers a comprehensive approach to protecting against ransomware by

How Does Cohesity Simplify Backup and Restore Processes?

How Does Cohesity Simplify Backup and Restore Processes? Cohesity Backup Solutions: Streamlining Your Backup and Restore Nightmares into a Manageable Dream In today’s data-driven world, safeguarding your information is paramount. Traditional backup solutions can be complex, time-consuming, and struggle to keep pace with ever-growing data volumes and cybersecurity demands. Here’s

What is the NIS2 Directive and why was it introduced?

NIS2: A Closer Look The Network and Information Systems Security Directive 2 (NIS2) is a European Union (EU) regulation aimed at strengthening cybersecurity across various sectors. It’s a successor to the original NIS Directive, which was introduced in 2016. Why was NIS2 introduced? The primary objective of NIS2 is to

How can Cristie Data help customers implement Cleanroom Recovery?

How can Cristie Data help customers implement Cleanroom Recovery? In our earlier article we covered the topic of Cleanroom Recovery at a high-level which has become a popular topic and sought-after feature to assist companies with cyber recovery following any confirmed or suspected cyber-attack. Today we talk to Christof Gedig,

Fast CrowdStrike Recovery should be a reality for Cristie Data customers

Fast CrowdStrike Recovery should be a reality for Cristie Data customers. Following the CrowdStrike bug that triggered a global IT outage on July 18th and 19th, 2024, CrowdStrike recovery has become a critical activity and focal point for many organizations. While the exact number of impacted users remains unknown, news

SiteLock

it-sa 2024
Request your FREE admission voucher code.

Thank you for your registration!






Teilnahme nach Verfügbarkeit.

CMT24 - Registrierung
Cristie Mopped Tour 2024

Thank you for your registration!






Teilnahme nach Verfügbarkeit.

Schauen Sie sich das DORA Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Watch the Spectra Tape Video

Thank you for submiting your email address. Press the button below to download the pdf.

Schauen Sie sich das NIS2 Directive Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Save the Data - Event Registrierung

Thank you for your registration!






Teilnahme nach Verfügbarkeit.

Arctic Wolf - Security Breakfast

Thank you for your registration!





Teilnahme nach Verfügbarkeit.

Arctic Wolf - Security Breakfast Event

Thank you for your registration!





Participation subject to availability.

eBook: Transform Your Business with Mature Data Management

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Contact Info

Nordring 53-55, 63843 Niedernberg,
An der Burg 6, 33154 Salzkotten,
Germany

Monatliches Angebot für Cloud-Schutz anfordern

Thank you for your registration!

Wählen Sie mehrere aus, indem Sie beim Auswählen die Taste strg oder cmd drücken.

*Sie können die Anzahl der zugewiesenen Lizenzen in Microsoft 365 ermitteln, indem Sie zur Seite Microsoft 365 Admin center > Billing > Licenses navigieren.

** Die folgenden Abonnements werden von Cristie Cloud Backup für Google Workspace nicht berechnet:
Google Voice Starter (SKU ID: 1010330003)
Google Voice Standard (SKU ID: 1010330004)
Google Voice Premier (SKU ID: 1010330002)

Auf dem Weg zur intelligenten Welt – Whitepaper

Da neue Technologien wie 5G, IoT, Cloud Computing und Big Data in der digitalen Transformation eingesetzt werden, bewegt sich die IT-Architektur von Unternehmen in Richtung eines hybriden Frameworks aus „traditioneller IT + privater Cloud + öffentlicher Cloud + Edge“.

Thank you for submiting your email address. Press the button below to download the pdf.

Striding Towards the Intelligent World – White Paper

As new technologies, such as 5G, IoT, cloud computing, and big data, are being applied in digital transformation, enterprise IT architecture is moving towards a hybrid framework of “traditional IT + private cloud + public cloud + edge”. This report provides an in-depth outlook on the development of the data storage industry.

Thank you for submiting your email address. Press the button below to download the pdf.

Zero Trust Data Security for Dummies

Thank you for submiting your email address. Press the button below to download the pdf.