Before cloud services became mainstream IT, backup and recovery processes required a lot of time and energy. Many MSPs and backup admins implemented multipart strategies that entailed a combo of local image backups and offsite storage solutions. Several MSPs accomplished the latter part by making a second local copy on tape media and manually transporting the media to a remote location, also known as the MSP's home.
Fast-forward to the present, and many of the cloud-based apps we’re using are updated and backed up in real time with little effort from the user. If the computer or a local server crashes, users just log back into their Microsoft 365 suite from another computer and pick up where they left off.
Because the cloud has made our computing experience so much easier, data backup has become an afterthought for some companies—and this is a dangerous mindset. The SaaS experience may work flawlessly 99% of the time, but it is still susceptible to many of the same problems as on-premises data, including:
- Accidental deletion—Many SaaS providers keep only 30 days of backup history, so if the deletion isn’t caught before then, the file’s gone forever.
- Employees leaving—If a user’s email subscription gets turned off before their data is copied, it can lead to data loss.
- Sabotage—If a rogue employee deletes critical data that’s not discovered during the standard 30-day retention period, it’s gone for good.
- Hacking—Cybercriminals are increasingly targeting cloud services for ransomware attacks.
What do all the above scenarios have in common? In each, a person is the cause of the lost data. As workloads move to the cloud, data loss is caused less by technology glitches and crashes and more by accidental—and intentional—human-related problems.
Before we can discuss best practices for backup and recovery, it’s vital to address and minimize the potential damage any individual can cause. Here is a simple checklist you can apply to every employee and authorized network user accessing either SaaS or on-premises backups for every customer:
- Create named users only. This avoids accidentally giving the billing department access to network user logs, for instance.
- Remove shared accounts. Everyone should have their own login credentials, so you can know who is on the network at any time.
- Limit the number of root/administrator type roles. This will work to minimize the number of individuals who have access to the organization’s entire data set.
- Assign least privilege roles. Doing this ensures users only have the access necessary to do their jobs. If someone needs special one-time access to something, they should be required to get permission from an administrator.
- Monitor and enforce two-factor (2FA) or multifactor authentication (MFA). Bad actors want to purge your backups and mess with files. Employing 2FA and MFA—and following the other tips—works to mitigate any damage incurred from a breach and gives the IT department more time to fix the problem.
- Don’t log in to the multitenant backup consoles from an untrusted/customer device. Enough said.
- Use strong passwords and a password manager. One of the most common ways hackers break into computers and networks is by guessing passwords. Use a password manager to keep the random complexity of yours safe and easy to access.
- Zero password reuse. Again, enough said.
- Remember to log out. You’d be surprised how often a cat walking across a keyboard or a small child playing with a keyboard can accidentally delete something important on your computer if you walk away and stay logged in. Log out, always.