Many organizations believe it is not necessary to have a software-as-a-service (SaaS) backup strategy in place, thinking that their data is protected by the SaaS provider. Unfortunately, this is not true. Data loss can occur when using SaaS – in fact, Gartner reports that 70% of organizations are likely to suffer business disruption by 2022 due to unrecoverable data loss in a SaaS application.
What is a SaaS application?
SaaS is an application that runs on a provider’s cloud (known as a SaaS provider) with the functionality delivered to users as a service via the internet. SaaS is a popular and less expensive alternative to purchasing and maintaining applications on on-premises systems. Instead of downloading or installing applications from CDs and running them on a system’s hard drive, many organizations prefer to use a SaaS application. Gartner forecasted that the SaaS market will grow to $151 billion by 2022 due to the scalability of subscription-based software.
Salesforce, Dropbox, Microsoft 365 (formally Office 365), Google Workspace (formally G Suite), and Cisco WebEx are examples of popular SaaS applications. Users/organizations typically rely on a pay-as-you-go model for these services, with a monthly or annual fee for a SaaS subscription. The provider is held to a Service Level Agreement (SLA) to ensure uptime and application availability. In a recent Gartner survey, 97% of recent respondents indicated their organization uses at least one software as a service (SaaS) application.
How can data associated with a SaaS app get lost?
When using a SaaS application, there are many reasons why data can be lost.
- Human error – Accidentally deleting or overwriting files or folders caused 25% of data loss in 2019. Let’s face it: accidents happen.
- Departing employees – Sometimes, when an employee leaves the company, their accounts are closed. The data on those accounts can be lost as well.
- Insider misuse – Disgruntled employees may wreak havoc with data. A SaaS application lets a user delete or modify data without knowing the human intent behind the action.
- Cyberattacks – The statistics are staggering. IDC reports that 93% of businesses experienced attacks within the past three years. Criminal and malicious attacks were the leading cause of data breaches in 2019 at 51%. SaaS applications can be accessed if even one employee's machine is compromised. Attacks can happen quite quickly when employees have weak passwords, fall for phishing scams, or click on malicious links.
- Misaligned retention settings – A SaaS provider's data retention policy may not align with the organization using the software. In regulated industries where compliance may require storing data for seven years, a SaaS provider that stores data for a lesser time can result in data being hard-deleted and lost forever.
Do I Need a SaaS Backup Solution?
Many believe that there is no need for the user/organization to perform a SaaS backup because the provider performs a SaaS cloud backup of the infrastructure and applications. While this is true, many users do not realize that these backups are designed to be used by the provider to ensure it meets its customers’ SLAs with regards to uptime and high availability. In case of a major outage, the SaaS provider has backup processes in place to protect its data, systems, and applications, but that does not include your data. See the part of Microsoft’s SLA agreement that talks to this specific scenario:
Similarly, "Google's application and network architecture is designed for maximum reliability and uptime." Google guarantees 99.9% availability of its Google Workspace products, but that is not a guarantee that your data is protected. It means only that the software will continue to be available.
If you don’t back up your SaaS data following the 3-2-1 backup rule, your data is not safe and this is the reason why Gartner predicts that 70% of organizations are likely to suffer business disruption by 2022 due to unrecoverable data loss in a SaaS application.
Lastly, the data associated with your SaaS application becomes important should your organization decide to change service providers or purchase/develop an application that runs on a on-premises system. In these cases, you will need a copy of your data – both current data and historical data. Some providers let you download a copy of your raw data or offer a database schema or other mechanism to extract the data. Some providers offer very little help as it does not want to make it easy for customers to exit their service.
Advantages to a SaaS backup solution
Your SaaS is only as secure as your backup. With the right backup solution, you can:
- Safeguard data and recover granular items
- Ensure business continuity and preparedness
- Avoid legal and regulatory compliance fees
- Verify authenticity to ensure data is authentic, original, and unchanged
- Plan for migration to another SaaS provider or in-house system
Bottom Line: Your organization is responsible for backup and recovery of data on these services, while the SaaS provider’s responsibility to make sure the software infrastructure is available.
Acronis Cyber Protect as a SaaS Solution
If your business uses SaaS, the best action you can take is to put a backup service in place to protect the data your business creates and uses within SaaS applications, no matter what happens.
Purpose-built to ensure 360-degree cyber security for businesses, Acronis’ cyber protection solutions such as Acronis Cyber Protect deliver easy, efficient, reliable and secure cyber protection for all data and apps in on-premises and remote systems, in private and public clouds, and on mobile devices. For SaaS applications in particular, Acronis Cyber Protect enables you to perform cloud-to-cloud backups so that you can store the data used in your Microsoft 365 or Google Workspace applications to a separate public or private cloud. This helps ensure that your organization is meeting the 3-2-1 backup rule.
Get started with your SaaS Solution.