Around the world, businesses are moving to the cloud at a rapid rate. But, is the cloud really the best place to store your mission-critical data and applications? Is it truly a safe place to put data and apps that need strong protection?
The immediate answer from many companies is “yes.” A recent study by Dimension Research, found that 59% of organizations believe data backed up to the public cloud is safer than data backed up on-premises. Further, the study showed that nearly half of all organizations (46%) believe it is the responsibility of their cloud provider to recover data and applications in the event of an attack or loss.
Are these beliefs about the safety of cloud data correct? Can organizations rely solely on their cloud service provider such as Google or Amazon Web Services (AWS) for data protection?
Leading providers such as AWS, Microsoft Azure and Google Cloud Platform typically secure core infrastructure and services as part of their responsibility. But, when it comes to securing data, that responsibility lies squarely in the hands of customers. Organizations that overlook this simple fact face a much higher likelihood of suffering a serious data loss.
Yet, the general perception remains that if something happens to your data, it’s not your responsibility. Too many organizations have convinced themselves that their cloud provider will take care of solving any issues for them and magically recover all their data if it’s lost.
Unfortunately, that is not the case. Take, for instance, data generated in a cloud app like Microsoft’s Office 365. Yes, Microsoft guarantees the service, but it doesn’t guarantee the security of the data you generate when using the service.
Office 365 does have some basic data protection schemes in place, such as a 30-day recycle bin that allows users to recover and restore deleted data within a 30-day window. That’s important because users will sometimes accidentally delete or purge their data and then realize they need it for legal reasons. After that 30-day limit, however, the data is gone for good. Microsoft, for its part, makes this clear in its terms of service: Users own their data and are responsible for what happens to it.
This misconception around data responsibility is somewhat understandable. In particular, the StorageCraft study found that small and midsize companies are much more likely to believe that their cloud provider will bail them out in the event of a data loss. For instance, 52% of midsize companies believe their cloud provider is responsible for data recovery, compared to just 43% of enterprise companies who believe the same.
Many of these smaller businesses trust that sophisticated, near trillion-dollar cloud providers such as Google, Microsoft and Amazon have ironclad capabilities when it comes to data protection. They think they don’t have to worry, and they’re in good hands. While that’s generally true, they don’t realize that data loss and recovery are separate issues and their own responsibility.
There is also a strong belief among organizations with a cloud-first strategy that their data is safer in a public cloud than it is in an on-premises facility. The study found that 76% of companies with an overt cloud strategy feel their data is safer in the cloud, compared to just 37% of companies that prefer to store their data on-premises.
Trust in the cloud also varies by culture. For instance, 71% of organizations in France believe that data backed up to a public cloud is safer than on-premises. By contrast, only 37% of German companies feel the same way. Likewise, the study found that 59% of French companies believe data recovery is the responsibility of their cloud provider, compared to just 41% of German companies.
At the risk of overgeneralizing, one might conclude that Germans feel a greater need to be in control of their own data, while French companies have a more laissez-faire attitude toward data recovery, entrusting that their cloud providers will take care of any issues.
But no business, wherever it’s located, should have a false sense of security. The truth is that, whether it’s an issue of data corruption, a security breach or even accidental data deletion, the onus is on you to recover that data, not your cloud provider.
So, then the question all companies need to ask is this: When something bad happens, how are you going to get your data back? Then ask yourself what level of risk you can tolerate and what kind of data you are putting in the cloud. Is it data that’s mission-critical and can you afford to lose it? Will your business run exactly the same without that data you just lost? And if not, how bad will the impact be?
Once organizations realize they can’t rely on their cloud provider, they start to understand what kind of data-recovery capabilities they do have and also what they might need to add to stay protected.
The good news is there are easy-to-use, cost-effective solutions that enable organizations to simply, yet powerfully, manage their data storage and backup requirements, whether on-premises or in the cloud. Instead of mistrusting their cloud provider, organizations can simply set up a truly effective data-recovery strategy. Adding that extra, yet highly necessary, layer of protection to your cloud data could be the difference between a business that successfully responds to adversity and one that succumbs to disaster within days, while realizing that it relied on cloudy promises.