Bryley backs-up your office suite data in the cloud for Office 365, Google’s G-Suite and SalesForce in partnership with Kaseya Powered Services. To better understand what happens in the cloud I spoke with Alex Courson, an authority on Kaseya’s Office 365, G-Suite and SalesForce back-up products.
Don’t Microsoft and Google Back-Up Everything Already?
Q: Do cloud-based office suites assume liability for your data? Is that something that has changed, or do you foresee changing over the years?
AC: Think of it like having an apartment. The apartment association and management office take care of the infrastructure. They care about the roof, the walls, the plumbing — if a pipe bursts they are going to fix that. But they’re not going to replace your TV or pearls or anything like that. They don’t want the liability. As far as Microsoft or Google is concerned, their position, that they are liable for the infrastructure has never changed. And I don’t foresee that changing any time soon.
Q: Do you foresee G-Suite or Office 365 adding full featured back-up and restoration capabilities, similar to what Bryley provides?
AC: They do offer some back-up options already. The issue is that it’s essentially archiving, and archiving is not enough. Because what ends up happening is your archive is going to actually reside with the rest of your data. So you have to approach securing your data just like you would on-premise back-up. This means following the 3-2-1 policy, where you have three copies at two locations and one off-site. If you have everything at the same cloud site and Google crashes, you still can’t get anything back, right? So that’s why we encrypt it and send it over to AWS to be able to retrieve the data.
Also some compliance designations require not just that you can recover, but also how you recover. If a business falls under HIPAA, or if they have to meet GDPR or other governmental standards often, you can’t just hold data in archives.
Q: So how is what we’re offering different and compliant?
AC: By contrast we’re actually creating encrypted, replicable versions. What we’re doing is tracking changes every night so you get a true incremental change back-up 1 . Invisibly to the end-user daily incremental changes are saved, being encrypted and sent over to AWS. When you want to restore a particular version from a specific point in time, you’ll bring that back. And you’re actually accessing that still encrypted data — its still held encrypted on the AWS server — and replicating a version back. So you’ll never remove a backup. You’ll never delete a backup.
Q: What are the real risks to my data in the cloud?
AC: You’ve got the same risks you have on-prem, but then you’ve also got the ones that you don’t think about. The ones on-prem are things like natural disaster, crashes, reboots, accidental deletions. Cloud-hosting is susceptible to all the same issues. But then you also have malware, spam, malicious activities, viruses — all of that can affect cloud. And in the last crashes that Google and Office 365 each had — information was lost or not saved properly, which isn’t really worse than when all data was on-prem. But you do have to still protect the data, on-prem and in the cloud.
Q: So how come we rarely read about malware or hardware failure at Office 365 or G-Suite?
AC: Sometimes you do and sometimes you don’t. First people don’t want to be caught with stories that they were unprepared. People don’t want it publicized that they didn’t think of everything, so they try to not to let it get out. And for breaches and other attacks, some of that information may not be readily available, because it was found by IBM that those kinds of attacks take on average a hundred ninety-seven days to even identify 2. That’s a little terrifying.
It has been documented that nearly 80 percent of organizations that have data in the cloud lose data at least once in a twelve-month period 3. So data-loss in the cloud is the norm now. It’s now not even an if-then, it’s 80 percent of companies are going to lose data in the cloud.
Q: With the back-up product that Bryley offers, what level of encryption is used to protect the data?
AC: It’s 256-bit encryption both in-transit and at rest. When it goes from Office 365 or Google over to AWS and back again, you’re always going to have 256-bit layer encryption, which is among the strongest commercially available encryption protocols.
Q: Google claims “take advantage of the same secure infrastructure Google uses. Your data devices and users are protected and all of your files are automatically backed-up in the cloud.” 4 Is this different than the security that we’re offering?
AC: It is being archived inside of Google Vault on Google’s platform. But it’s not a true back-up. It’s not saving incrementals. The data’s not backed-up off-site. But, absolutely, Google does a great job. It’s a great platform for security and encryption, which is why we work with them. That being said you still have to be responsible for your data in the cloud. It’s the same as dealing with servers on-prem. You’re going to get the most secure servers you can, but you still need to back them up.
There’s a shared responsibility between a vendor [e.g. Microsoft or Google] and a person that is agreeing to put their data on that platform. At some level, like for natural disasters or deletion requests, things that have to do with the infrastructure, of course the vendor’s going to be responsible for that. But the end user is responsible for the behavioral stuff. And that’s what back-up is protecting against, the behaviors of the individuals that are interacting with that data. Those behaviors may be from an external threat or an internal threat. Maybe somebody just made a mistake and deleted something they shouldn’t have. Or maybe there’s a virus. Backing-up protects you from these behavioral things.
The vendor is responsible for infrastructure. So in that sense they are going to protect your data. They are going to go above and beyond when it’s their fault and responsibility. If, for example, their data center goes down, they’re going to bring everything back as best they can. But at the end of the day, the end user has to be informed that he is responsible for his data, because at the end of the day, the vendor is not liable for it. It’s on the end user to keep his data backed-up and secure.
Let’s talk about how you can protect your data in the cloud. Give us a call at 978-562-6077 option 2 or email ITExperts@Bryley.com.
1 To not slow down your network by moving data across servers during the workday, this office suite back-up plan runs every night. This means you will have a permanent back-up of a document as it’s left at the end of the day. If you find nightly back-ups are not enough, you can supplement with on-demand manual back-ups as often as you would like and can be applied to user accounts or narrowed using granular options. https://support.spanning.com/hc/en-us/articles/360033552432-How-to-perform-an-on-demand-backup
2 https://databreachcalculator.mybluemix.net/
3 https://spanning.com/resources/whitepapers/global-data-protection-survey-report-2016/