Commissioned by OpenText
Published June 2024
Executive summary
Many organizations continue to believe that cloud providers are responsible for protecting their data in SaaS apps from all types of data loss, even when cloud providers explicitly opt out of assuring data integrity under the shared responsibility model. When the inevitable happens and data is lost via a cyberattack or deletion action in the normal course of business operations, organizations are faced with the startling realization that their data is actually gone—and the cloud provider can do nothing about it. The data is lost. Irretrievably so.
But there is an alternative, albeit one that requires a decision upfront to assure recovery whatever happens to the cloud provider, whether during a ransomware attack, a malicious insider rampage, or deletion that happens in the normal course of business operations. The alternative is an approach that diligent IT organizations always used to practice—with relentless discipline—in the age of on-premises IT infrastructure. As an increasing proportion of organizations embrace an ever-growing set of SaaS applications, reinstituting solid data backup processes for data in SaaS applications enables organizations to achieve security standards and compliance mandates.