Podcast: SaaS data protection vulnerability and how to manage it
We talk to backup and data management supplier Cohesity about the added vulnerabilities of software-as-a-service data in a hybrid cloud environment and how best to manage multiple data sources
We talk to Mark Adams, regional director for northern Europe with Cohesity, about the vulnerabilities brought by software-as-a-service (SaaS) data in hybrid cloud working and in combination with on-premise and remote office data.
In this podcast, we look at the challenges for backup and data protection brought by SaaS data, including increased complexity and broadened attack surfaces.
Adams talks about the added headaches brought by the numerous sources of data in hybrid cloud working and ways of mitigating the problem. These include simplifying data management, using a platform-based solution and trying as-a-service solutions.
Antony Adshead: What makes organisations especially vulnerable as their dependence on SaaS applications and SaaS data grows?
Mark Adams: Hybrid, on-premise and multicloud applications, and infrastructure deployments are top priority for many organisations seeking to compete in the current world. It’s an ever-untenable position for IT given the relentless growth of data and lower budgets and security threats.
The hybrid deployment, while providing agility, adds complexity and can expand the attack surface if the organisation fails to adequately manage and protect those data assets.
So, what makes it especially vulnerable for organisations is, as the question said, that in addition to traditional on-prem or edge, you now have SaaS applications and SaaS data. It’s tough for business leaders to know how to safeguard valuable internal and customer data in an increasingly savvy world.
I would split the discussion into the on-prem – because I think there are key differences between on-prem and cloud-based systems including security control, visibility, login, monitoring, etc – but I also think it’s worth talking about SaaS, about the two sides to that discussion too.
So, SaaS applications are one thing, and we could talk about how we would advise business leaders, CIOs, CISOs about that sort of space and SaaS data, which is a whole different space – and probably the troublesome space.
Adshead: Considering security and backup, what steps should business leaders be taking to safeguard data – including SaaS data – in on-prem and hybrid environments?
Adams: The simple answer is, take control of your data. Wherever it is, it is the most competitive asset you have. Not everybody thinks like that but any business that is removed or separated from its data rapidly finds out that’s the case.
It’s always best to have your own copy of your own data – so your own backup, your own protection and recovery in place, wherever it is.
Mark Adams, Cohesity
Because of that, [you should] simplify the data management so if you’ve got strong on-prem capabilities, bring that SaaS data into that core data management so that you can have a coherent, single set of policies for all your data.
That’s where if you can bring everything into your current data management system then you should really be looking for a modern 21st century platform-based alternative so that you can simplify the SaaS data from SaaS applications alongside your ROBO [remote/branch office], your edge and more importantly your on-prem.
You should try, I would suggest, some of the data management-as-a-service because you can do that easily. You can do that with a modern solution and without buying infrastructure, so it lets you at least spend some time and focus on those key business-critical tasks.
And you should protect data that you move to the cloud in a way that makes sense for you. A platform base is the strongest. It’s very modern, it’s very extensible, so it’s got some future-proofing about it.
But again, one set of policies across on-prem, cloud, as-a-service, lets you navigate, lets you manage, lets you control, allows you to provide data governance and extends the value of that data you have by having a platform that lets you plan ahead.
Read more about SaaS and backup
- Cloud-to-cloud backup – when native cloud protection is not enough: There’s a certain amount of protection built into cloud services, but it has its limits and full data protection requires that cloud data is secured with cloud-to-cloud backup.
- SaaS data protection is a challenging but critical task: Don’t fall victim to a SaaS backup gap. Ensure critical data in cloud-based SaaS applications has proper protection, especially with increased cloud use.