Six Ways IT Teams Can Be the Guardian of Their Companies’ SaaS Data

According to Gartner Research, more than 30 percent of the 100 largest cloud service providers’ new software investments will have shifted from cloud-first to cloud-only within the next two years. As software-as-a-service (SaaS) options and adoption grow, there is a new debate stirring on whose responsibility it is to ensure SaaS applications are safe and secure: the customer or cloud provider? The short answer is both. As in any mutually beneficial relationship, with SaaS comes shared responsibility. While the service provider is responsible for core infrastructure security, it is ultimately up to the IT team to secure, protect and take control of their company’s data. In this eWEEK slide show, Anthony Lye, responsible for developing Cloud Control for Office 365 at NetApp, explores ways IT teams can be guardians of their SaaS data as more companies steer away from land and toward the cloud.

One of the early barriers to cloud adoption was security, but these concerns have since shifted to vendor lock-in and compliance/governance. While vendors can be relied on to address any hardware or application failure and assist in disaster recovery, take special note of your license agreements and identify any language regarding data rights.

Your data might not be as safe as you think because migrating the workload to cloud doesn’t remove the need to protect the data.

Data loss is becoming more common, and there are a variety of factors that play into this. From ransomware and end-user errors to synchronization issues with third-party apps, you need to have a data loss prevention (DLP) plan in place to recover data from unforeseen circumstances.

Integrate data protection technologies with everything you do and make sure a variety of backup options exist.

Different types of data may have to adhere to different sets of regulations, which in turn could dictate how data is stored and backed up. Offer your organization a variety of deployment models, storage options, archive lengths and granularity to ensure compliance and happy users.

Use third-party solutions that employ multiple layers of operation and physical security to allow the integrity and safety of your data, from strong encryption to intrusion detection.