Protection Strategies for Data Security in the Cloud - Zerto

How Are Organizations Protecting Their Data in the Cloud?

Est. Reading Time: 4 minutes

A new study reveals key year-over-year trends in how IT organizations are capitalizing on cloud services as part of their data protection strategy.

As organizations continue to adopt public cloud services for business-critical data, many users are confused about what these data protection solutions actually provide—leading to potential data loss and compliance risks. Additionally, on-premises backup and disaster recovery (DR) strategies are increasingly leveraging cloud destinations, resulting in hybrid data protection topologies with varying degrees of service levels and end-user tradeoffs and opportunities.

So, what are the best solutions?

To gain insight into trends in cloud data protection challenges, plans, and strategy, ESG surveyed nearly 400 IT professionals at organizations across North America. Here are some of their findings, which are fully detailed in the eBook The Evolution of Data Protection Cloud Strategies.

Cloud-based data protection is the new norm
Within the last five years, the adoption of public cloud-based data protection services has grown significantly, with 87% of respondents noting that cloud computing has had a positive impact on their data protection strategies. Specifically, backup-as-a-service (BaaS) is the most widely used approach, with more than two-thirds of responding organizations using these services. That’s because the value proposition of cloud-based data protection is powerful: Organizations identify security, the ability to deliver against RPOs and RTOs, reduced costs, and even improved compliance as common benefits from cloud-based solutions.

In time, BaaS and disaster recovery-as-a-service (DRaaS) could merge, as needs and technologies evolve to deliver shorter point-in-time intervals and more continuous data protection.

Continuous data protection (CDP) capabilities are key for BaaS
BaaS is popular as a data protection strategy and is increasingly replacing traditional on-premises data protection technology. Security and speed of recoverability are top of mind when an organization is considering BaaS, resulting in some stringent RPO requirements for BaaS vendors. More than one in five organizations expect CDP-like capabilities—a sign of the blurred line between DRaaS and BaaS.

The study also revealed that demographics play a role in expectations: Older organizations—with more established best practices for mission-critical applications and legacy habits from the on-premises world—are more likely to demand tougher requirements for continuous protection, where digital-native companies tend to require less-stringent RPOs.

On-premises environments + cloud backup is gaining momentum
Early cloud adopters leveraged extending on-premises backup to cloud destinations, and capabilities are advancing quickly in this area. As more options become available, users rate cost-effectiveness and security at the top for capabilities their cloud backup/DR target solutions must meet while operating at scale. However, the ESG study saw some resistance to extensively or exclusively switching to BaaS due to cost concerns, with 30% of respondents feeling that adding cloud storage to their existing solution would cost less than changing to a BaaS service.

Data tiering is an influencing factor
New solutions and capabilities have recently emerged that focus on cloud-based data protection that often leverage hyperscalers’ own new capabilities to protect data that they host. The key characteristics that organizations expect of these solutions are twofold: granular restores and tiered storage. Vendors may have challenges with native integration into the hyperscaler platform, and they will need to integrate deeply to deliver a consistent set of features and experience across multi-cloud environments.

Over the past few years, as hyperscalers established a growing presence in organizations’ infrastructures, they have developed different tiers of compute and storage to maximize their operations and match customer needs, which can vary widely. Surprisingly, although 63% of respondents use both cloud block storage for hot data and cloud object storage for older backups/archive, one in five still use more costly snapshots as their primary method of data protection.

The SaaS-data protection disconnect is not improving
Some organizations continue to mistakenly rely solely on SaaS vendors instead of recognizing that companies are always responsible for their own data. ESG identified this disconnect in 2019 and it hasn’t improved much in two years.  While data protection is a shared responsibility between IT and the SaaS vendor, a third-party solution is the right answer in every case.

Malicious deletion is a high concern for organizations experiencing SaaS data loss—affecting 25% of respondents. Data corruption represents 22% of data loss. In the SaaS paradigm, the control of the data and the application is in someone else’s hands in a mutually shared environment, making it much harder to control recovery efforts without a strong solution in place. Organizations are looking at their SaaS backup solution to deliver advanced protection and recovery while maintaining data protection SLAs.

Deliver maximized data protection
To deliver maximized data protection SLAs, data owners must be aware of industry trends and offerings from cloud-resident applications and their associated data. Zerto can help your organization eliminate the risks and complexity of modernization and cloud adoption. Find out more about these crucial data protection strategies by downloading the ESG eBook The Evolution of Data Protection Cloud Strategies.

Download the eBook Now