Cloud applications have come a long way in terms of security and adoption rates. Business owners swear by it and say that it adds speed of access to technology, reduced delivery times to clients and instant access to their data from anywhere, at anytime. But what are cloud limitations in terms of data loss? Below we explore five common causes of SaaS data loss and how these incidents can be prevented.
Many business owners an even users have no idea what happens to their data once it’s in the cloud. Accidental file deletion is one of the major risks of cloud collaborative environment. In fact, a 2015 study showed that human error causes 24% of data loss incidents. When multiple end users are working on files at the same time, it’s easy to lose data. Thus, the major benefits of collaboration and instant access become pain points for cloud IT administrators who get to clean up after end users.
This is the common assumption is that if your data gets deleted: “well, it’s in the cloud, so it must be backed up, right?”.
SaaS Data Loss Does Happen
Just because your data is in the cloud, it doesn’t mean you can’t lose it. A 2013 studyshowed data loss is still quite real, even if cloud infrastructure sends it offsite. 32% of the companies that are using SaaS services have reported data loss. Top 5 ways data is lost in the cloud are:
- User error (64%) – registered users accidentally delete or overwrite data;
- Hackers (13%) – outsiders get into the business systems;
- Closing accounts (10%) – cloud apps accounts are closed without regard for the data left behind;
- Malicious delete (7%) – users purposely delete critical data to a company;
- Third Party Software (7%) – overwriting data by third party software.
The Financial Burden of Data Loss to Businesses
What’s more important, data loss has serious repercussions for businesses and it translates into financial losses, among other problems. A study from the Ponemon Institute shows exactly how costly data loss is for organizations:
- Companies pay, on average, $136 for ever lost record;
- For healthcare, costs are as high as $233 per record;
- For educational institutions, the cost for lost records is $111.
Data loss can be costly when employees or admins scramble to recover an important piece of information, instead of doing their jobs. But the real risk, at least in healthcare and other regulated industries, is that they need to pay hefty fines for misusing customer data.
Fines for HIPAA violations (the regulations for healthcare companies) can range from $100 to $50,000 per violation (or per record). The maximum penalty can reach $1.5 million per year for violations of an identical provision.
What’s more, the way regulators deal with violations seems to be changing as threats become more pervasive. Recently, the Federal Trade Comission (FTC) rocked the healthcare industry. They ruled that just being hit by a ransomware attack is a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
How to Prevent SaaS Data Loss
Microsoft does have its handbook of best practices to prevent SaaS data loss with Office 365. However, you can easily apply their advice to any cloud applications. It all starts with knowing exactly what type of data you have stored and what to protect.
Identify sensitive information across many locations. You would need to keep track of documents containing sensitive information. Watch out for credit card numbers, names and contact information for customers or company employees, or even social security numbers.
Prevent the accidental sharing of sensitive information. Studies have shown that around 16% of documents uploaded to the cloud contain sensitive information. The trouble is, employees may inadvertently share them outside the organization. You can set processes in place to automatically block access to these documents or prevent them from being sent out to email addresses that do not share your domain.
Help users without intrerrupting their workflow. Everybody hates downtime. This is why automated systems make it so much easier to keep track of your most important data and protect it. Data Loss Prevention (DLP) policies can be used to prevent (or alert of) sharing documents containing sensitive information.
Have More Options for Cloud Backup. Ultimately, the best protection is employee education, prevention and a solid backup and recovery solution for cloud applications. Third party cloud backup applications will offer set-it and forget it solutions that will keep your SaaS data safe from any sort of disaster.