Why Would I Need a Backup of my Data in the Cloud?
Cloud services were supposed to solve all our problems, right? The same company you have been working with for years is taking on responsibility for developing the software, hosting it, backing it up and upgrading it as needed, all for an easy-to-understand monthly fee per user. Most of the time, it’s a win-win. The developer gets a recurring stream of revenue to fund development efforts, and the customer gets a turn-key solution to their problems. The component that is often passed over in the sales pitch is the backup of the data.
Any reputable cloud vendor will have a backup of the data that they store – they are at huge risk if they didn’t. If a meteor hit their data center, they need to be able to restore their customer data or else they would go out of business in days. No software vendor would subject themselves to that kind of liability. You, however, as the consumer, usually have no access to those backups. It would be far too costly to support individual backups and restoration of millions of company files. Some cloud-based applications allow customers to run manual backups of their data, some don’t. Almost none of them support automated backups. For example, you can technically export QuickBooks Online data to a file that can be opened by QuickBooks desktop, but the process is very manual, and has some requirements that a lot of end-users may not be able to accommodate.
We (Microsoft) recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services. *
Some applications are widely used enough that an entire cottage industry has sprung up to help fill the gap for customer-centric backups of the data. Do you need to think about backing up your cloud data? Below are some of the common, non-meteor-related reasons why companies may need to have backups of their cloud data that they own and control:
- Human Error – Alexander Pope famously said “to err is human...” and we generally hire humans. According to Aberdeen research, more than 2/3 of data loss incidents in businesses are the result of simple human error. Busy, well-meaning employees can easily delete or move whole directories, and restoring them from a “recycle bin” is not always quick or easy.
- Malware/Viruses/Ramsomware – Viruses used to be written for the amusement of the writer, and they still sometimes are. In recent years, however, malicious software has been written to hold data ransom, and there have been many high-profile cases of government offices, large businesses, and hospitals being hit by these ransomware attacks. If you get lucky, you can pay the ransom and get your data back. In some cases, however, there have been fake ransomware attacks that destroyed data with no hope of recovering it at all. In 2017, an international shipping giant was crippled for weeks by a politically motivated virus posing as ransomware. While many other organizations were also hit by NotPetya, few came as close to destroying a global commercial power as this example. In this case, the company was saved by what amounts to an accidentally offline server. If your servers are all in the cloud with no additional backup, you may not be so lucky.
- Syncing Software Errors – The Sync client you use (OneDrive/Google file stream/DropBox etc.) can have errors that cause blank folders or bogus data to be written back en masse to the cloud servers. These applications are generally pretty solid, but bugs happen and when they do, huge amounts of data can be wiped out nearly instantly.
- Illegitimate Deletion – Microsoft/Intuit/Google/SalesForce/<software vendor> is not responsible for whether an employee should be deleting data. For example, it is all too common for employees to “clean up their mailbox” once they know that they are looking for or have secured other work. Most employers would never know this was happening if they did not suspect it was going on. After a staff member leaves, employers will sometimes find that they’re now missing large amounts of the “paper trail” that they need to ensure that their customers are served.
- Outside Hackers – This one can be disastrous and is becoming more common. If your company is attacked by a competent hacker, only an offline copy of your data somewhere will keep that data safe.
- Employee Acting Maliciously - CERT has reported that 23% of electronic crimes have an “insider” component, and Gartner estimates that 64% of malicious data loss incidents are done for financial gain. Data can be “exfiltrated” by trusted employees and replaced with bogus data or deleted altogether. If you have a competitor in your market, your internal data is at risk.
So what is a business owner to do? If your key company data is in your email or in SharePoint, you have some options to back it up with a number of third party services that are pretty easy and affordable. While certainly an additional cost on top of the money you are spending on Google Apps or Office 365, a backup is almost never wasted money, and many clients will find that the cloud backups cost less than the backups they had when they had their files and email on a server in their office.
For other applications that may be more industry specific, you'll need to get help to determine the best backup strategy. Some services allow you to export your data in bulk to PDF or text files, while some may allow you to export a data file that can be imported into the non-cloud version of their software (like QuickBooks). A cloud specialist will be able to guide you through the complexities of backup and disaster recovery for your cloud data.
Regardless of where your data lives, you need to understand the risks you are exposed to and the options and costs to mitigate those risks. The right advisor will take the time to understand your business the way you do, and help you find the right solution for a price that makes sense. Our team at Lighthouse IT has the skills and experience to help you protect your business data, no matter the threat.
Eli, thanks for sharing!