It’s natural to assume the responsibility for deploying enterprise data backup and recovery falls on the IT department’s shoulders. After all, we’re the technology experts, right?
But when it comes to safeguarding the mission-critical SaaS data that keeps an organization up and running, an open discussion of backup and recovery must become top-of-mind across the entire enterprise, particularly among C-Suite decision-makers.
Without question, the time has come for cloud-based backup and recovery to be regarded as a core business requirement, just as email, payroll, financial information, and intellectual property. When data is lost, things quickly shift from an IT outage to a full-blown business outage.
The days of the C-suite approving the IT budget and then standing on the sidelines waiting for a list of things to be accomplished need to end. IT directors were once given authority to make autonomous purchase decisions without an understanding of the big picture because at the time, technology decisions were made based on solving IT problems, not always larger business problems.
Sadly, with today’s broad adoption of cloud computing, many key functions are mistakenly being almost “outsourced” to the cloud because key business issues have not been shared with IT directors, which this article will address.
SaaS, SaaS, and More SaaS
By some industry estimates, the typical enterprise relies on more than 100 SaaS applications, so imagine the impact if one or all of them becomes compromised through employee error, malware, ransomware, or natural disaster, which can bring a company to its knees faster than you can imagine.
If you believe I’m overstating things, think for a moment about organizations that get caught off guard every year from losses due to hurricanes, earthquakes, tornadoes, and floods. Those are circumstances – if not prepared for – that can put a business out of business.
It’s impossible to overemphasize that backing up critical SaaS data falls entirely on the shoulders of the business. SaaS tools process customer and business data but are typically only responsible for maintaining their platform’s uptime, not securing customers’ data.
It’s Time for a New Conversation
If data backup and recovery haven’t been deemed a business priority, how do we make it one? What have been some of the obstacles to implementing a cloud-based data backup and recovery solution? Who should be included in the conversation, and what should it cover?
Creating this internal shift toward backup and recovery being seen as a business requirement is a journey. Part of the answer lies in stepping back in time to examine how enterprises thought about the role of backup and recovery, which in recent years has become complicated by the explosion of SaaS applications and our increased dependence upon them.
Not too long ago, when data backup and recovery were solely managed on-premises, the C-suite was rarely involved in IT decision-making and activities. This is because the risk of catastrophic failure was seen as minimal because locally managed data restoration was easy to control. It was something the IT department could handle with not much oversight.
Even though most businesses no longer live and operate on-premises, it’s easy for top management to take an “out of sight, out of mind” view of things, assuming a data loss can be quickly and easily recovered. What the C-suite may not realize is their risk exposure – compared to the days of on-premises backup – is much, much higher from a business perspective because businesses now live and operate in the cloud.
Ransomware, for example, has helped the C-suite become acutely aware of why backup and recovery are so important. This is not only due to how data loss impacts business continuity, but how it also potentially involves millions of dollars cybercriminals often demand to provide the encryption key for data (which may not be returned in the condition it was stolen).
What should the new conversation be? For starters, the C-suite should meet with IT leaders to make them aware of business goals and strategies with an emphasis on continuity of the business. IT can benefit from better understanding the nuances of business continuity which might otherwise fall outside its normal scope but can now help them make more informed decisions.
The C-suite can help IT understand what the business is working to accomplish, which requires certain key systems to be up and running to be more competitive and better serve customers. This is the opportunity for both sides to examine if something goes wrong, what impact will it have on the company. It cannot afford to be down for days, let alone weeks or months.
When IT executives have insight into business objectives, they can also better understand what needs to happen to improve the disconnect which sometimes exists when the appropriate level of context isn’t shared. IT executives, in turn, have an opportunity to explain to the C-suite the extent of cloud adoption across the enterprise and the activities cloud computing is being used to accomplish.
From a business perspective, the moment you notice a problem is usually when it’s too late, particularly in terms of lacking the right level of protection. Informed and constructive dialogue between both parties can help for a seamless transition to cloud backup and recovery.
The Wild, Wild West of Cloud Computing
As data backup and recovery shifts from an on-premises to a cloud-based environment, there needs to be a measured approach to avoid uncontrolled risk exposure resulting from different departments from being out of sync.
The structure of on-premises backup and recovery is being replaced by a less controlled environment, resulting from access to new technology that is out of sync with business objectives.
The more we advance and become smarter and more efficient through new technology, the greater the opportunity for IT to inadvertently fall out of alignment with business goals. By this I mean, technology simplifies things, so users have the opportunity to bypass IT involvement and set up new processes which start driving part of the business. The downside is if you don’t have systems in place to protect these new processes, they become adopted without the benefit of protection around it.
We’re already beginning to see this “wild west” mentality happen when it comes to data security, which in simple terms is designed to build walls around the data.
Over time, the default thinking is to build higher and higher walls, but with the reality the walls will never be high enough to guarantee no breaches. It begs the question of how to manage over the long term to ensure business continuity?
The truth is you can’t without proper cloud backup and recovery. It is the only way to go back in time when a breach does occur.
Preparing for the Future
The dependence on cloud applications doesn’t seem to be slowing down, so how do you meet today’s needs while preparing for the future? There are certain to be new threats and new aspects of business operations which need safeguarding. This makes having SaaS-controlled data even more critical for business continuity.
Everyone today is on the cloud journey and focusing a lot of time and energy on the technology. They should, however, be thinking about the cloud in terms of the overall business needs and how to best communicate those needs to those who have a stake in minimizing or even eliminating business disruption.