Oct 2016

Mitigating the Human Cost of a Disaster with a Data Protection Plan

Posted by Jackie Liu in Cloud Backup
Hurricane Matthew satellite photo

Hurricane Matthew has clearly had a human cost, with hundreds of lives lost and underdeveloped regions bearing the brunt of the casualties. The worst of the carnage was in Haiti where over 1000 people have perished and thousands more have lost their homes and desperately need medical help. Even in the US where authorities have been warning residents from Florida to North Carolina to evacuate for days, at least 33 people have died.

If you wish to contribute to the relief effort, we encourage you to give to a charity in your area.

While first responders are at the front line protecting people, basic infrastructure including transportation and telecommunications networks become all the more critical to their work. As many have learned in this storm, it’s essential to plan for business continuity well before a disaster or you could needlessly put personnel in harm’s way. For organizations with 24/7 operations such as government or utilities, losing access to mission-critical systems for even a brief period of time could add to the human cost of a disaster. Think 911 operations centers, hospitals or municipalities.

If your datacenters are located in a hurricane-prone region, you’ll want your employees to evacuate as soon as possible, not spend time making preparations when it may already be too late. With regular, off-site backup in place, you’ll rest easy knowing your data is protected while your staff can focus on what’s most important, looking after their family’s safety. If you are still relying on a tape backup system, there probably won’t be enough time to move those tapes to a safe location when a hurricane or tornado can affect areas thousands of miles wide.

Equipment can always be replaced, but your most valuable assets — your people and data cannot. It’s a matter of when, not if another deadly storm hits. The frequency of tropical storms are increasing, with potential links to climate change. According to NCAR, the frequency of Atlantic hurricanes have doubled over the last century. With aging infrastructure in many parts of the US and the rest of the world, critical systems such as levees are less able to withstand floodwater than ever.

Your considerations about data protection should extend beyond backup and encompass a full disaster recovery and business continuity plan. It’s a good idea to conduct a full data protection audit to consider appropriate recovery time objectives (RTO) and recovery point objectives (RPO) — i.e. how much downtime and data loss each department of your organization could withstand. For the most sensitive organizations, a warm or hot disaster recovery site that’s geographically removed from your location should be considered.

We understand that not every organization has the internal IT capabilities to undertake this kind of audit. Even if you have significant IT resources in-house, chances are they’re tied up with day-to-day operations and projects like replacing aging systems. That’s why more organizations are turning to disaster recovery as a service (DRaaS) arrangements where a managed service provider will design and implement a disaster recovery plan on your behalf. You have the choice of storing your backup data in a public, hybrid or private cloud, depending on business requirements and privacy and security concerns.

Speaking with an Asigra Recoverability Specialist can clarify your options and match you with a service provider for your region and industry. For a free consultation, please contact us here

Spice IT Email Post
Oct 2016

Case Study: A Cost-Effective Path to Cloud Backup Services (and Recurring Revenue)

Posted by Eran Farajun in Cloud Backup
Case study thumbnail

Increasing recurring revenue is one of the toughest challenges that MSPs face. With income from project work and break/fix frozen in place or declining, many MSPs turn to cloud-based managed services such as data backup and recovery to boost monthly recurring revenue.

Finding a way to easily deliver these services can be daunting, while researching, assembling, designing and maintaining the infrastructure required to offer cloud-based services can be expensive and time consuming.

What’s an enterprising MSP to do? Read on: Asigra’s new case study illustrates how Asigra Converged Data Protection Appliances for Managed Service Providers deliver cloud backup and recovery software, hardware, and services “in a box” to simplify the deployment and lessen the cost of providing cloud backup services.

We’ve assembled a multi-faceted case study based on interviews with our partners to help MSPs like you better understand the benefit of Asigra Appliances as a simple and cost-effective way to quickly deploy cloud backup services and get to revenue faster. Download this case study to learn how Asigra Appliances can help MSPs minimize the cost of cloud backup infrastructure and services, and start earning revenue quickly, without a large upfront capital investment.

Asigra Converged Data Protection Appliances provides a range of pre-built, all-in-one appliances that come pre-integrated with Asigra Cloud Backup, a comprehensive, multi-tenant data protection solution for all data sources, regardless of platform. Asigra Cloud Backup protects data located in virtual and physical servers, Docker containers, enterprise databases and applications, and endpoint devices such as desktops, laptops, tablets and smartphones. Asigra Cloud Backup also backs up SaaS-based office systems such as Microsoft Office 365, Google Apps, and Salesforce, plus PaaS sources such as Amazon Web Services and Microsoft Azure. Cost-effective, easy-to-deploy Asigra Converged Data Protection Appliances enable MSPs to have their cloud backup and recovery service up and running within an hour.

To speak to an Asigra Recurring Revenue Specialist about how to leverage the Asigra Appliance to start offering cloud backup services and earning monthly recurring revenue, email or call 1-877-736-9901 or 416-736-8111 ext. 1453.

Spice IT Email Post
Sep 2016

Datastring Founders Establish Cloud Backup Company through Asigra Partnership

Posted by Jackie Liu in Cloud Backup
Datastring logo

Read the Press Release

Meet the people behind the UK and Ireland’s most exciting, up-and-coming cloud backup provider – Datastring. Jon Thordarson, CEO and Steinthor Kristinsson, CTO are highly experienced IT infrastructure engineers who have protected customer data using Asigra since 2004 at Securstore (later KeepItSafe), an award-winning Asigra Partner.

A couple of years after their former company was acquired, Jon and Steinthor decided to strike it out on their own. They formed Datastring with an eye for the growing market of organizations who need to protect their SaaS and IaaS data.

Datastring needed a robust platform that supported today’s growing diversity of data sources – from traditional to cloud data protection. Asigra was a tried-and-true solution from the founders’ perspective and the logical choice they immediately considered.

Asigra is proud to announce that we have earned Jon and Steinthor’s trust as the platform powering Datastring’s cloud backup services. Their decision to build their business as an Asigra Partner is a huge vote of confidence, from a team who has over 12 years of experience using our solution. They were impressed by how our software has evolved over the years, growing in functionality to cover Office 365, Salesforce, Google Apps, Azure, AWS backup, replication and virtual machine disaster recovery.

We are confident that Datastring will accelerate their growth with Asigra Cloud Backup, given the promising response from their customer base. Joseph Morsi, Lead Infrastructure Engineer at Digiterre noted “The Datastring solution meets all of our business requirements. Their proven industry knowledge, experience and reputation was crucial in our decision.”

Any organization seeking a trusted advisor to assist with Backup-as-a-Service (BaaS) and Disaster-Recovery-as-a-Service (DRaaS) projects should certainly consider contacting Datastring. All of their engineers have hands-on experience as network administrators, preparing them to tackle your most complex data protection requirements.

If you are a MSP who would like to know how the value of an Asigra partnership extends beyond the software, please visit our page about partnering with Asigra.

Spice IT Email Post
Sep 2016

7 Tips to Avoid Ransomware

Greg Drumsta

This is part of a series of interviews with Asigra Partners. In this post we’re talking with Greg Drumsta from tech42 about his experience protecting customers from ransomware and advice for preventing this type of attack.

SC: Tell us a little about yourself.

GD: My name is Greg Drumsta, and I am the Cloud Services Administrator of tech42 (@tech42llc). We understand that organizations need to keep their most important files both secure and accessible. Our focus is providing the most efficient technology stack for organizations to maintain high availability and mitigate security risks. We offer premium affordable services that enable our clients to get the most for their money from our Dunmore, Pennsylvania headquarters.

I am responsible for managing backup, anti-virus, Exchange, spam filtering and website hosting for numerous organizations. During my time at tech42, I have been able to restore files affected by ransomware encryption, saving many man hours of work for our clients. Along with my passion for technology, I am always striving to deliver quality customer service as a knowledgeable advisor to our clients.

SC: What are your experiences with helping clients protect their data against ransomware?

GD: One of our managed backup customers, an architectural firm, contacted us when 75% of the data across their file shares had been encrypted by ransomware. At that time in 2014, ransomware was a relatively unknown form of malware, so I had to familiarize myself with which file extensions this strain was targeting. As it turned out, many of the encrypted files were common Office formats like .doc and .xls. Asigra Cloud Backup™ gave me the control I needed to manually restore each affected file extension.

We were able to restore all of their files without the need to pay the ransom demand. The results would’ve been devastating to our client if they haven’t had a backup, forcing them to repeat months of lost work and face the financial consequences of missing deadlines.

SC: Do you have any tips for organizations on how they can avoid ransomware altogether?

GD: Sure. I have 7 key points organizations should keep in mind to prevent this type of attack.

  1. Regularly backup important data

Data is the lifeblood of most organizations and it can be difficult, if not impossible to recreate original data. Computers can be lost, stolen, or destroyed in a fire or other catastrophe so having a backup plan is essential to recover business-critical data. Besides scheduling automatic backups, it’s also a good habit to make extra copies of your personal or critical work data on a regular basis. This means copying your files over to a protected system that you can access when those files are needed.

The most commonly overlooked area when organizations are looking to create a backup plan is email. A lot of critical business information is contained in email alone so being extra careful to include it in your current backup plan is a must. I’m a big fan of Asigra’s platform-agnostic solution which helps organizations manage backup better over multiple point solutions, allowing backup for anything on any system.

  1. Tighter exclusions on antivirus software

Relying exclusively on antivirus to protect you from all threats is not enough because it’s ineffective in spotting and stopping ransomware. Make sure you have an internet policy for web browsing that’s clearly communicated to your employees. It’s important to remember that the spam filter can’t catch every harmful email that’s aimed at your organization, particularly zero-day viruses.

I think all IT departments should prohibit illegal or non-compliant downloading of pirated materials in an Internet use policy. They can be major bandwidth stealers which may contain viruses.

  1. Double-check the email sender

Often times, emails from people we don’t know can contain suspicious attachments, so looking at the email sender can help you identify whether an email attachment is malicious or not. Always check the “to field” to see if it matches the name it comes from. If it looks strange check the IP addresses and Mx record origin from the sender. There are many great resources online to check for IP origin as well. On the other hand, an attachment can be malicious even if you know the sender! If an email from someone you know is questionable, you may want to give them a call or ask them in person. If they didn’t in fact send the email, they’ll appreciate you notifying them that their computer or email may have been hijacked.

  1. Don’t click links in a suspicious email

If you are unsure, do not click the link in an email. As a best practice, hover over links to ensure they are going to the correct destination before clicking them. Also, headers may have strange IP addresses meaning it’s coming from a different country, which is a dead giveaway.  

  1. Don’t download questionable attachments

Generally speaking, reading the contents of an email is safe, but the attachments can be harmful. Even though many email servers will do most of the work in removing potentially dangerous attachments, you still have to be extremely cautious to never run an attachment unless you are absolutely sure of its origin.

  1. Maintaining up-to-date software

To prevent ransomware, make sure you have updated software, including your operating system, browser and any toolbar plug-ins you use. In addition, ensure that your antivirus software and firewall protection is up to date as well. A great way to ensure that your endpoint software is updated is by having a remote monitoring and management tool.

One major security risk that may occur with outdated backup agents is code exploitation which can result in backup fails or having it finish slower.

  1. Having both anti-malware software and software firewall

It’s always a good idea to have both anti-malware software and a software firewall set in place to identify suspicious behavior. These two layers of protection can significantly help strengthen your defense against new malware variants and emerging cyberattacks.  

Having anti-malware software and a good anti-virus program in place that has an anti-malware component is a step in the right direction. Ensuring it is centrally managed and monitored by an administrator is also key to ensure any issues are identified right away. Workstation software never replaces a traditional firewall, only working in conjunction with it.

SC: Greg, thanks for your time today.

GD: No problem.  If anyone is interested in learning more about how tech42 can help you mitigate risk against ransomware or other forms of data loss, please contact us at

Spice IT Email Post
Sep 2016

Azure Outages Reinforce Importance of a Disaster Recovery Plan

Posted by Jackie Liu in Cloud Backup
Cloud downtime in 2015

Sometimes you don’t have to lose your data outright to suffer major disruption to your business. With more companies outsourcing their IT infrastructure to IaaS providers like AWS and Azure, cloud reliability is becoming more of a concern.

In the past week alone, Microsoft Azure has suffered from two major outages: one on 9/9 bringing down cloud services for many customers in its North Europe, West Europe and India regions completely. Then on 9/15, there was a global DNS outage which again, left some Azure customers without access to their SQL databases, Virtual Machines and backups.

It’s not just Microsoft who is having these issues. Google Apps for Work users also went down for over an hour on 9/14, leaving US and UK users who rely on the cloud productivity platform in the lurch. In the past, AWS has also had hiccups up to and including complete outages, bringing down popular websites including Netflix, Reddit and IMDB.

What does this mean for you as an IT professional? First, you need to realize that no cloud is perfectly reliable and downtime is not a matter if, but when. Even a couple of hours of disruption can rack up millions in lost sales and/or productivity – according to an IDC report, the average hourly cost of an infrastructure failure is $100K/hour, or in the case of a critical application, $500K - $1MM/hour.

While some public clouds have a better reputation for uptime than others, the only sure-fire way to maintain business continuity is creating a disaster recovery plan. A disaster recovery plan, may include backup, replication, and failover to a different hot/warm site. Although services like Azure have their own backup facilities, your best defense is to keep backups on a different cloud entirely. Even when an IaaS provider has different availability zones, consider that outages like the recent ones with Azure frequently span across multiple regions.

The worst thing about a cloud outage is how you’re entirely at the mercy of the ops team at Microsoft, Amazon or Google to fix it. They have thousands of customers to serve, and unless you’re a major customer with a SLA, good luck getting in touch with anyone besides front-line support. With a private cloud, you could put “boots on the ground” to repair the faulty part of your infrastructure, but with a public cloud, you don’t have that access because everything beyond your virtual server is very opaque.

Microsoft attributed its DNS outage last Thursday to high traffic, illustrating how a neighbor overwhelmed by a burst of traffic in the public cloud (whether legitimate or a DDoS attack) can bring you down along with them.

Many companies have enjoyed cost savings and productivity gains from moving to the cloud, but it’s imperative to mitigate the risks as well. Using a Disaster-Recovery-as-a-Service (DRaaS) solution such as Asigra Cloud Backup can help you easily meet your recovery time objectives (RTOs). Key benefits include:

  • End-to-end solution protects traditional and cloud data sources
  • Seamlessly failover to an alternate datacenter with Virtual Disaster Recovery (VDR)
  • Flexible and scalable solution for companies of all sizes to meet business needs today and future

For more information, contact a Recoverability Specialist who will be happy to discuss your SaaS, IaaS and cloud-to-cloud backup needs.

Spice IT Email Post
Sep 2016

Webinar: Why Data Protection for Office 365 is Critical

Posted by Jackie Liu in Cloud Backup
Data protection icon

Date: Wednesday, October 5th, 2016
Time: 1:00 – 2:00 PM EDT

According to Gartner, 50% of SMBs will move to a cloud productivity suite by 2020, with many large organizations swept up in this trend as well. If your organization has migrated to, or is considering a migration to Office 365, you won’t want to miss this webinar.

Did you know? Microsoft backs up its customers’ data, but you don’t have access to those backups. By default, Exchange Online purges deleted emails from the Recycle Bin in 15 days, after which it is irretrievable.

In this webinar, you will hear from a panel of leading data protection experts, moderated by industry analyst Marc Staimer at Dragon Slayer Consulting. They will discuss options to protect your Exchange, SharePoint and OneDrive data with a single, end-to-end solution.

You will learn:

  • Why you can’t afford to rely on Microsoft’s backups to protect your Office 365 data
  • The reputational and financial risks a data loss can inflict on your organization
  • How to convince your organization to protect cloud and on-premise data equally
  • Tips for deploying a data protection solution that can protect Office 365 (Exchange, SharePoint, OneDrive) in addition to other cloud data

Reserve my spot

Spice IT Email Post
Sep 2016

Guest Post: What the 2016 Baton Rouge Flooding Says About Data Backup

Baton Rouge flood image
Image Source: USDA

By Peter Ely — Channel Marketing Manager, KeepItSafe®

Have you seen that amazing new TV commercial where the guy drops a high-end enterprise server into a lake — and then they fish the thing out, plug it in, and show you that all of the data survived intact?

Of course you haven’t. That commercial doesn’t exist. Servers don’t do that.

(And if you do see a guy throwing a server into a lake, he’s not filming a TV commercial; he’s destroying evidence.)

I bring this up because, as an IT professional, you no doubt devote a good amount of time to anticipating and preparing to respond to a myriad of technology-related threats to your business — your IT architecture falling behind the competitive curve on capability and efficiency, cyber attacks against your network, etc.

But your company's mission-critical data being wiped away in a flood? I’m guessing you don’t spend many cycles fretting over that.

The Baton Rouge Flood: Time to Re-Examine Your Data Backup Protocols

Of course, you’d be fretting plenty over the potential for catastrophic corporate data loss in these last weeks if your business were located in Baton Rouge. For businesses of all sizes, in all industries, the 2016 Louisiana flood provides a stark reminder of the need for bulletproof, redundant backup of your mission-critical data.

Many businesses — even large, industry-dominant enterprises with sophisticated IT teams — continue to invest in expensive, high-end data backup systems, which they maintain entirely onsite.

Given that some of these enterprises are in heavily regulated industries, or maintain highly sensitive data and hard-earned intellectual property, their inclination to keep all of this data “in-house” is understandable. But as the Louisiana flood illustrates, it’s also extremely dangerous.

If there is a lesson for businesses in the 2016 flood, it’s that you cannot afford to keep your corporate data in just one location — because disasters happen.

What if Your Offsite Data Center Were Located in Baton Rouge?

Now, you might be thinking, Well, that wouldn’t apply to our company because we already keep our data in an offsite data center. Fair enough. And if you do back up your data to an offsite location, then in terms of data protection you’re a step ahead of those companies keeping their only digital copies of everything on in-house servers. But this begs the question: What would happen to your backed-up data if your offsite data center were located in Baton Rouge?

No data backup provider, no matter how successful or trustworthy, can guarantee you that any one of its locations is in a disaster-free zone — where no floods, fires, earthquakes, tornadoes, crippling power outages or other catastrophes could harm its facilities.

Like the comedian who asks, “Hey, since they always seem to find the black box intact after a plane crash, why don’t they just make the whole airplane out of that same stuff” you’d have to wonder, “Hey, if such a disaster-free zone really existed, why wouldn’t everyone move there?”

This is all a way of saying that even if you’ve moved your data to a cloud backup service, you might not have fully solved your company’s data protection problem — not if that backup provider itself maintains your corporate data in only one physical location.

After all, if that single data-backup location suffered a Baton Rouge-caliber flood, and your data were maintained only at that location, then you and those companies keeping all of their data in-house would essentially be, for lack of a better phrase, in the same boat. (Sorry — bad flood humor.)

You Need a Geographically Redundant Cloud Backup Solution

What this means is that the only cloud backup solution worthy of safeguarding your corporate data is one built on a large, geographically dispersed network of data backup facilities — where you can, at all times, maintain multiple copies of your data across several of these geographically distinct data centers.

But even that is only one component of truly safe, redundant data protection. You’ll also want to deal only with a cloud backup provider that can guarantee you the ability to restore 100% of your lost data from one of its locations quickly, in the event disaster ever does strike. If you lose data or access to a network that your business needs to maintain ongoing operations, you don’t want to have to wait days or weeks for your backup provider to get you back up and running.

And finally, you’ll want to demand that your cloud backup provider not merely store copies of your data on its cloud and then leave it there unattended — but that it maintain a team of trained support engineers actively monitoring your data around the clock, ready to take action to protect it at the first sign of trouble.

Spice IT Email Post
Aug 2016

Webinar: How Asigra Helps MSPs Lower Costs and Increase Revenue by 50%

Posted by Jackie Liu in Cloud Backup

Devices Image

Date: Wednesday, September 28th, 2016

Time: 1:00 – 1:30PM EDT

Can cloud backup add to your bottom line? We’re confident it can. The numbers don’t lie. According to a recent MSP survey, 89% of backup-as-a-service providers say the service is "somewhat" or "very profitable."

Stop chasing after point solutions, which suck up valuable IT resources. Instead, try a comprehensive data protection solution that protects your customers' laptops, servers and mobile devices in addition to cloud data sources such as Office 365, Google Apps and Salesforce.

You're invited to our webinar How Asigra Helps MSPs Lower Costs and Increase Revenue by 50%. In this webinar you will learn:

  • The performance & security benefits of a 100% agentless backup solution
  • How to turn SaaS users into lucrative cloud backup customers
  • How to win business from the top growth markets for backup
  • If it makes sense to position backup as a leading or trailing complementary service

Reserve my spot

As a thank you for participating, attendees will receive a complimentary P&L analysis. Space is limited. If you miss the webinar, we’ll send you the recording, but you need to register to receive it.

Spice IT Email Post
Aug 2016

Case Study: Masterbulk Pte Ltd Simplifies Backup and Restore with Cloud Backup


Masterbulk case study screenshot

Acclaimed privately owned shipping company, Masterbulk Pte Ltd, has been one of the major players in the shipping industry. Email correspondence in Masterbulk’s business is crucial to provide the coordination and document flow required to transport cargoes around the world. With tape backup, problems started to arise in restoring data and the management team needed a highly dependable offsite backup service in preparation for future audit requirements. With the need for a better backup system becoming more urgent, Masterbulk finally selected Pantropic’s ATEGO Cloud Backup service powered by Asigra as it offered the most favorable combination of cost effectiveness, reliability, and ease of use.

Masterbulk is completely confident in the ATEGO solution based on the following key features that give them peace of mind:

  • ATEGO’s disk-based backup technology removes concern for reliability of tape
  • The autonomic healing process automatically finds, fixes and flags any errors in the backup file structure
  • The ability to schedule an automated validation job on a specific file or database
  • Service provider Pantropic keeps multiple copies of backups at their secure data centers

“ATEGO Cloud Backup has doubled my productivity rate” says Richard Maquilan, IT Manager at Masterbulk Pte Ltd. Maquilan is happy with the amount of time saved when backing up data and exclaims “it seems that Asigra has created another me – a clone”.

Read the full case study

Spice IT Email Post
Aug 2016

Backup Industry Veteran Reveals Data Protection Risks of SaaS Applications

Posted by Jackie Liu in Cloud Backup

William Bush photo

This is part of a series of interviews with Asigra Partners. In this post we’re talking with William Bush from Tectrade about his experiences and thoughts surrounding SaaS backup for enterprises.

JL: Tell us a little about yourself.

WB: My name is William Bush, and I am the Technical Services Manager at Tectrade (@TectradeHQ). We are a UK-based MSP focused on designing cloud storage & data protection solutions for enterprises. Our client base includes FTSE 100 companies as well as smaller organizations. Many operate in sectors where IT compliance is especially important, such as financial services, education and government.

Our alliances include being an Asigra Partner and the only IBM Storage Specialty Elite Partner in Europe, with over 25 years of experience and 50 technical staff around the world.

JL: William, based on your experience working with various organizations, how quickly would you say IT departments are moving to the cloud?

WB: According to IDC, the market for cloud services is currently growing at 20% and set to exceed $37B this year alone. IT departments are migrating to cloud-based SaaS applications such as Office 365, Google Apps and Salesforce at an unprecedented pace.

The SaaS market is continuing to grow at a phenomenal rate due to a number of factors. The key factors from my perspective being, reduced time to benefit, the SaaS provider taking responsibility for the hardware and software upgrades and uptime and a lower cost of entry with predictable monthly costs.

SaaS enables businesses to focus more time and energy on their core objectives and removes the pain of architecting, installing, managing and maintaining on-premise software solutions.

JL: That’s an exciting trend. With everything happening so quickly, how well-thought out are the deployments you’ve seen?

WB: Moving to the cloud is a smart opportunity but undeniably, also presents some risks.

Most organizations I speak with are either in the process of migrating to Office 365, or worse, have been running Office 365 for months without a plan to revise their data protection strategy.

Their legacy backup systems often aren’t compatible with new data sources like SaaS apps. Even if there are workarounds to make their existing backup tools pull data from the cloud, it’s often not an ideal solution. For example, an admin who is looking to retrieve an individual file might need to spend hours restoring an entire volume from tape.

JL: What are the most common misconceptions about SaaS data protection?

WB: Many organizations falsely assume that the SaaS vendor’s backups are enough to protect their data. Yes, Microsoft will regularly back up Office 365 accounts but mainly to protect against hardware failure in their data center.

Hardware failure isn’t even the top cause of data loss, not even close. User error (64%) is the most common, followed by hacking (13%), account closure (10%) and malicious deletion (7%). Microsoft does not retain copies of your data for nearly long enough to mitigate these other risks.

By default, deleted files in Office 365 are purged from Microsoft’s servers in 15 days. Admins can update the setting to 30 days, but accidentally deleted or corrupted data often goes unnoticed beyond that timeframe, after which it is unrecoverable.

JL: What about other applications such as Salesforce or Google Apps?

WB: These SaaS applications are not much better.

Google Apps for Work purges deleted data after 25 days. There are add-ons for Google Apps like Postini (deprecated) and Google Apps Vault which allow you to set longer retention periods, but consider: Do you really want to manage a different point solution for every cloud? Also, going with Google Apps Vault isn’t a true off-site backup because it doesn’t isolate your data from Google’s environment.

Deleted Salesforce records stay in the Recycle Bin for up to 15 days, with “up to” being the emphasis here. If you are close to capacity in your Salesforce account, they may delete your Recycle Bin files in as few as 2 hours. Once a file is deleted from the Recycle Bin, Salesforce can only attempt a manual recovery, billed at $10,000 a pop.

JL: How responsible are SaaS providers in the event of a data loss?

WB: None of the three providers I mentioned provide an especially strong guarantee you will be able to successfully recover your data, even if the data loss stems from their own negligence. The maximum liability that Microsoft and Google have written into their Terms of Service (TOS) is the past 12 months of subscription fees paid.

Is this enough of a financial guarantee for most organizations? I think not. A single email could be the difference between winning or losing a lawsuit worth millions of dollars.

JL: What is the broader impact of data loss on organizations as a whole?

WB: A data loss event can cause major operational and legal headaches. Recently, a major US airline who had a datacenter outage suffered significant reputational harm and was forced to pay millions in passenger compensation for the incident. Unfortunately, I have seen businesses not recover from a catastrophic data loss.

In the UK, the legal ramifications could include up to a £500,000 fine under the Data Protection Act 1998. Similar laws in the US such as HIPAA and Sarbanes-Oxley (SOX) govern healthcare organizations and public-traded companies, with fines up to $10 million for neglecting to protect customer data. To stay in compliance, you need to be able to show auditors that you have a secure, off-site backup at all times.

JL: What should compliance driven organizations look out for when they engage a backup provider?

WB: Be wary if your storage and/or backup provider is scant on details but assures you “not to worry” that their solution is compliant.

The onus is on you to verify that the architecture your MSP uses is compliant from end-to-end. For example, section 8 of the Data Protection Act requires personal data not be transferred outside the European Economic Area (EEA), with a couple of exceptions.

To protect your organization from fines and reputational risk, make sure you have your MSP’s promises in writing when it comes to compliance. A blanket statement like “HIPAA Compliant” isn’t enough, you need to understand each component of the setup, especially if you are going with a public cloud.

JL: How can working with a managed service provider help organizations gain a competitive advantage from their data?

WB: With the growing volume of data in the enterprise from traditional and cloud sources such as Office 365, it can be difficult for IT departments to navigate the challenges alone. From embedding ourselves at client sites, we possess a depth of experience in working with different data architectures.

An end-to-end solution like Asigra Cloud Backup lets IT departments simply “check off” data protection and instead, spend their time focusing on strategic IT opportunities.

Organizations won’t incur the costs of training their employees on multiple, platform-specific solutions anymore, because Asigra backs up virtually any data source from laptops, servers, mobile devices to SaaS and IaaS clouds.

JL: What are the other benefits of using an end-to-end solution like Asigra?

WB: First, Asigra is an agentless solution. Most backup solutions require a piece of software to be installed on the client-side, but Asigra does not. Because there are no agents to install or update, you save even more valuable IT time, not to mention the improved security.

Asigra is also extremely flexible, letting you set separate recovery time and point objectives (RTO and RPO) for different datasets within your organization, based on the business impact of that data.

In addition, you have the choice of backing up data to a public, hybrid or private cloud. The hybrid or private cloud options are commonplace in industries like financial services or government which have heightened privacy and security concerns.

JL: Will, thanks for taking the time to share your insights about SaaS backup. What are the next steps IT professionals can take to learn more about cloud-to-cloud backup?

WB: We recently hosted a webinar about this topic, titled “Data Protection Considerations with utilizing SaaS.” We went over a few customer examples and showed the attendees how simple it is to retrieve an accidentally deleted record from Salesforce. You can download the recording here.

Spice IT Email Post
Syndicate content
Print this page
Email this page