As an admin taking care of your business data in the cloud, you fully understand the importance of having good backups of your data. Whether it is data loss due to your end users accidentally deleting data or ransomware, backups are essential.
Even in the realm of data backups, security is a primary concern when looking at services and solutions to protect your data that is housed in the public cloud. Not all online backup solutions are created equal when it comes to security. Can you trust online backups? What security elements define safety when it comes to your data?
Why “Online” Doesn’t Mean Insecure
First of all, most likely when you take a look at solutions to back up your data that is stored in Software-as-a-Service environments like G Suite and Office 365, those will be housed “online”, in the cloud. Typically, online backup solutions perform what is known as “cloud-to-cloud” backups. When it comes to security, many hear the word “online” and assume that automatically means it is less secure. Why does online not necessarily mean insecure?
No matter where a service or solution exists, proper security measures need to be put in place to ensure the security and safety of your data. On-premises solutions are not just magically more secure than cloud environments. Security issues with online or cloud environments are typically due to improper security controls or a lack of security measures put in place.
The same is true with online backup solutions that protect your public cloud data. The key is having the right security elements in place so that your data is safe. Cloud security and those backup solutions that store your data in “online” cloud environments need to have these proper security controls and elements in place.
When choosing a backup solution to backup your SaaS data, you must consider the security provided by the backup solution as a major part of the decision-making process. Failing to consider security in this day and age is extremely dangerous both to your data and your business reputation.
What are the security considerations and the security elements that you should look for when choosing an online backup solution for your SaaS data? Let’s take a look.
What Security Elements Define Safety
There are a number of security elements that help to define safety and security standards and that are extremely important to consider when choosing an online backup solution. A reputable, secure, and reliable online backup solution should provide the following:
- Data encryption
- Employee access control
- Secure cloud ecosystem
- Data access policy
- Security certifications
Let’s look at each security element listed one-by-one and see how they should weigh into choosing a backup solution for your data in the cloud.
You often hear about encryption in a bad way. Ransomware makes major news headlines by maliciously encrypting your data so that you cannot access it without the right encryption key. However, you can use encryption in a good way to protect your data.
In fact, Data Encryption should be one of the most basic elements of good security when it comes to protecting your data. What is encryption? Encryption technologies, in general, use mathematical algorithms to lock data so that it cannot be read without a cryptographic “key”.
With the encryption key, the data can be unlocked and read as normal. This helps to ensure that only those who legitimately have access to the data can read it.
Think about the data that is contained in a backup of your online cloud data. It is often not thought about, however, the data contained in a backup of your production cloud environment is production data. It is imperative to secure production backups.
Anyone who might gain unauthorized access to your backups essentially has gained access to production data. In fact, if not properly secured, it may be easier for an attacker to gain access to backups containing production data as opposed to hacking into production data directly.
Reputable and security-conscious backup solutions that backup your online data should be using encryption at all levels. This includes encryption in-flight and at-rest. What is the difference? Encryption in-flight means your data is encrypted as it is moving across the network. Encryption at-rest means the data is encrypted on-disk. The two are different and equally important. Make sure any online backup solution you choose is doing both for protecting your data.
A great example of an online cloud-to-cloud backup solution using industry-standard encryption algorithms and processes is SpinOne (previously Spinbackup). SpinOne makes use of AES 256-bit encryption both in-flight (during the process phase across the network) and at-rest (when storing the data). This helps you to meet both Office 365 and G Suite security goals.
Employee Access Control
Another consideration to make when choosing an online backup solution is what controls the backup vendor has in place to prevent employee access to your data. To clarify, this is the backup vendor employee access to your data, not your own employee access.
The recent Facebook debacle where Facebook employees had access plain text passwords of Facebook users helps to illustrate just how dangerous vendor access to your data could potentially be.
Look for online backup solutions where the vendor has tight controls in place to prevent its own employees from accessing your data contained in backups of your online data.
Secure Cloud Ecosystem
When looking at an online cloud backup solution, consider the infrastructure used by the vendor. Are they using their own private cloud? How secure is the private cloud infrastructure? Are they using public cloud vendor infrastructure to back their backup solution? Which one? What security measures are they taking advantage of as offered by the public cloud infrastructure being used?
You should ask all of the above questions concerning any online backup solution you may be considering. Be sure that part of your decision-making process is considering the cloud ecosystem the online cloud backup solution is utilizing.
Data Access Policy
An important aspect of securing any system involves using some form of credentials to verify identity. Accessing your G Suite or Office 365 environment requires validating identity by using some form of authentication. Does your online backup solution require access to your credentials?
What is their data access policy of the backup vendor when it comes to needing your credentials? Do they somehow store your credentials or require access to them? Look closely at how they interact with your environment from an authentication standpoint. Data access policy should be a key consideration when comparing online backup solution vendors.
What are security certifications and how do they allow you to gain confidence in picking a specific online backup solution? Security certifications and assurance programs validate a piece of software, service, or solution is able to operate at a level of security that ensures your data is reasonably protected against threats.
When choosing an online backup vendor, make sure they are participants in industry-standard security assurance programs or make use of cloud infrastructure that is compliant with industry-standard security programs.
Using SpinOne as an example once again, SpinOne backups use the AWS Shared Responsibility Model that provides top-level security of the cloud to its customers which holds industry-standard security assurance programs such as SOC1, SOC2, SOC3, ISO 9001, ISO 27001, HIPAA, MPAA, FISMA, FERPA, CJIS, CSA, DIACAP, FedRAMP, ITAR, FIPS 140-2, G-Cloud, and PCI DSS Level 1.
Be sure to look for these key industry-standard security certifications when choosing a reputable online backup solution for protecting your data.
How to Determine Online Backup Service Reliability
A key aspect of choosing an online backup service is determining the reliability of the service. No matter how secure or great the features of the solution, if it is not reliable, it can lead to catastrophic consequences in both protecting and restoring your data.
What are the important key performance indicators when looking at an online cloud data backup solution? Consider some of the following aspects of reliability:
- What is the online backup solution service level agreement (SLA)?
- What is their customer base?
- How many companies are using their service?
Service Level Agreement (SLA)
Looking at the SLA of the availability of your online backup solution as well as the SLA for succeeding in backing up your data are both key considerations when choosing an online backup solution. The higher the SLA the greater the availability as well as successful backups.
What is their customer base?
While not totally indicative of reliability, the more customers an online backup solution has, this helps to indicate maturity and reliability. Generally speaking, customer base grows due to positive feedback. If reliability or success in backing up your data is an issue, this will most likely be reflected in the number of customers choosing the solution.
How many companies are using their service?
Look for a good number of well-known companies that are choosing to use the online backup solution you may be considering. Bigger, well-known companies generally do their homework before choosing a particular vendor. They will only choose those online backup solutions that are effective, efficient, and reliable when backing up their data.
SpinOne protects an impressive number of G Suite users, companies, and apps discovered
While backing up your data housed in the cloud is absolutely essential, so is security. “Online” backups of your cloud environment are not necessarily “less secure” than backups stored on-premises. However, the online backup solution you choose must be making use of the right security controls to ensure the safety of your data.
Look for backup solutions that are making use of the security controls mentioned and that take the security of your data seriously. This will be reflected in their reliability, the number of individual users protected, and businesses using the service.
When you choose an online backup vendor that is security conscious and takes the safety of your data seriously, you can have confidence in protecting your online SaaS data with cloud backups.