The issue of shared responsibility in cloud security is an issue which refuses to go away. Yet according to a new report from backup and disaster recovery managed services provider (MSP) 4sl, organisations are risking a data disaster by misunderstanding cloud providers’ backup processes.
The study, which polled 200 UK enterprises, found a majority of respondents believe the backup times for their various cloud products are longer than the advertised standards.
The hyperscale clouds are a primary example. The report notes Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform do not offer backup as standard on its own. Securing such data has long been a booming channel industry for independent MSPs and others – at least until AWS, for instance, launched AWS Backup at the start of this year to take a cut.
Yet the vast majority of those polled believed backup did exist as standard. More than four in five agreed this for AWS (81%) and Azure (84%), while an overwhelming 92% of respondents said so for Google.
Even for products with standard backup included, respondents believed they were getting more than they had – although a difference was evident in how much. For Office 365 SharePoint Online and Teams files, where the backup is 93 and 90 days respectively, around half (55% and 50%) knew where they stood. For products with only a short sprint, such as 14 days for Teams messages and Office 365 Exchange Online, this drops to 22% and 27% respectively.
“With cloud infrastructure services and applications firmly entrenched in 21st century IT strategy, enterprises need to be certain that their cloud and backup strategies are operating in concert – with any change to cloud strategy accompanied by changes in backup policy,” the report notes. “However, this is not consistently the case.”
The one product which came out of the rankings relatively unscathed was Salesforce. The CRM giant promises 90 days as standard backup retention, with more than half of respondents (55%) knowing this and almost four in five whose backups are therefore not at risk as a result.
Yet the findings – perhaps not entirely surprising given 4sl’s line of business – should come as a warning to organisations. “The desire to pass on responsibility for backup to service providers is understandable – backup environments are becoming extremely complex, and the peace of mind that a responsible partner is managing backup can be invaluable,” said Barnaby Mote, 4sl CEO and founder. “However, enterprises need to understand that in the main the standard level of backup provided for infrastructure or software as a service won’t meet their needs.”
Organisations back up data as a matter of course, not least for privacy and compliance but also to garner insights and analysis. Speaking to this publication in August, David Friend, CEO of cloud storage provider Wasabi Technologies, noted his view that storage would become a ‘commodity’, and that issues of cost around backing up what where would simply no longer exist.
“We [shouldn’t] think of data as sort of a scarcity… more a mindset of data abundance,” said Friend. “The idea that data storage gets to be so cheap that it’s not worth deleting anything. We have to think about data as something which has probably got future value in excess of what we think it might have today; we need to think of cloud storage the same way we think of electricity or bandwidth.”
You can read the full 4sl report here (pdf, no opt-in required).
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.