While cloud vendors will handle security for their services, that doesn’t mean business owners don’t need to be concerned about cybersecurity.
This is because when it comes to protecting your business’ data, the onus is on the company to insure that it is protected.
This might seem like obvious advice, but we’ve seen enough reports of poorly configured cloud containers being visible to the public to know that it isn’t obvious.
Now that COVID-19 has forced many companies to adopt a digital approach to doing business, it is important to highlight that securing your software as a service (SaaS) applications, is largely your responsibility.
“We often see companies taking their data off premise, where it was once backed up, to then move it to the cloud and trust the cloud vendors to provide that service. 99.9% availability is all too often confused with data durability,” explains sales specialist at Commvault, Simon Williams.
There are some cloud vendors who provide security on top of SaaS applications but these security solutions aren’t always included in that cost. This is important to understand because while cloud solutions can ultimately save a business money, poorly configured solutions can end up costing you more than you anticipated.
Commvault’s advice is that businesses work with technology providers that have the capabilities to implement data backups and security protections but sometimes that just isn’t possible.
As we’ve mentioned several times in the past, the cloud can be incredibly complex and it requires careful consideration of every aspect of a business not only how data flows through the firm.
There could be a provider who meets your needs from a cost perspective, but doesn’t offer backup and security services. In cases such as this, interoperability should be a key consideration.
Even once protections are in place, these should be tested.
“The best way for organisations to certify that their SaaS data is properly protected and secured would be to team up with a data management partner that has in-depth experience. The partner must have needs to be knowledge in the areas of security, data sovereignty, compliance and governance that companies are expected to adhere to,” concludes Williams.
With legislation such as PoPIA now partially in effect in South Africa, data protection should be of the utmost importance for local firms.
[Image – CC 0 Pixabay]