Companies engage managed services providers as technology experts to help oversee their IT infrastructure.
Partnerships with MSPs can be critical, especially for smaller organizations. When done right, they allow the company to focus on running their core business while leveraging a trusted partner to recommend and manage the technology that enables the business.
A strong MSP partner will engage with the business to understand its technology needs and risk tolerance to ensure it recommends and implements the proper tools and technology.
Data Resilience and Recovery
Over the past several years, a troubling trend has emerged related to data backup and recovery. Too often, cloud collaboration platforms (CCPs), such as Google Drive and Microsoft OneDrive, are misused for purposes they are not designed for, namely data resilience and recovery.
This misuse can be a costly mistake. CCPs are great for collaboration and efficiency, but they’re not great for data resilience and recovery. It’s important for MSPs to use the right tools to meet their clients’ needs and expectations. And clients must understand exactly how they are protected and where they may have gaps so they can make informed risk decisions.
CCPs and purpose-built endpoint data backup and recovery tools have some passing similarities, which is why misuse can happen. CCPs have limited storage and some versioning capacity, but leveraging a CCP for data backup and recovery is like using a hairbrush to clean your teeth.
What Makes the Difference?
Todd Thorsen
True endpoint backup and recovery solutions cover all endpoint data automatically without relying on end users, policy compliance, storage limits, file version capacity, or user designation.
CCPs fall short in all these areas because they are collaboration tools and not purpose built for data backup and recovery.
Let’s tackle each of these issues in turn. CCPs rely on end users to upload files to the platform, and because this cannot be technically enforced, administrative policies must be implemented and followed by end users. This policy-reliant form of backup doesn’t account for the most common failure of all: human error. As a result, this can pose compliance, operational and legal risk to organizations as they must rely on end user actions to sustain their data resilience capabilities.
How many desktops have you seen littered with files that a user hasn’t saved to the drive yet, but plans to eventually, someday, or maybe? By contrast, purpose-built endpoint backup and recovery tools automatically back up all the data accessed, processed, or stored on the end user’s device.
CCPs have storage limits, short archive windows, file version thresholds, and don’t have the data residency, availability, and redundancy capabilities to support operational data resilience needs or compliance requirements.
Meanwhile, purpose-built endpoint data backup and recovery tools offer unlimited storage capacity, back up every version of every file automatically, afford control over data residency, and have high availability. In short, purpose-built endpoint data backup and recovery tools give MSPs and their customers peace of mind knowing their critical data is secure and available for recovery at scale when things go wrong.
Establish More Than a Security Blanket
CCPs as backup solutions even fail by the definition of the word.
Backups are a second, secure version of a file users can recover when the original is affected by loss or corruption. But CCPs treat the working file as the backup file, so when that is lost or corrupted, there is nothing to recover; the data is lost.
CCPs should not be used for backup and recovery. They amount to little more than a checkbox and may result in clients getting a false sense of security about their data resilience posture. This may manifest itself into a significant issue when the need arises to recover lost data and it is unavailable.
Todd Thorsen is chief information security officer of CrashPlan. With more than 15 years of information security experience across various disciplines, Thorsen has built and led security programs focused on global security operations, risk and compliance, incident response, resilience, and data protection.
Image: iStock
