Therefore , it is highly likely that MSPs have clients storing critical business information across several SaaS solutions . Since even IT professionals are misinformed when it comes to SaaS data protection , it should come as no surprise that an MSP ’ s customers are likely also confused about who is responsible for this data . Because many clients may simply assume that organizations like Microsoft and Salesforce will automatically protect their data , it ’ s up to the MSP to help educate their clients about the do ’ s and don ’ ts of SaaS data protection .
“ It ’ s key for MSPs to identify their client ’ s crucial workloads and identify what mechanisms are in place to protect the data currently ,” Bertrand said . “ In their initial conversation with the client , it ’ s key to amplify that just because it ’ s a SaaS service does not mean the vendor is governing the data . It ’ s also important for MSPs to discuss data protection from a compliance angle and ensure the client understands their SLAs .
“ Our recent research found that 29 % of respondents were only familiar with some of their SaaS providers ’ data protection and recovery SLAs , and 7 % stated that they were not familiar at all . There is so much flying in the dark .”
While there is a large amount of education that needs to take place in the market , Bertrand sees this as a good thing . “ This is a fantastic opportunity for MSPs , especially in the Microsoft 365 market ,” he said . “ If you look at the success rate of recoveries in Microsoft 365 in our recent research , we ’ re nowhere near the 100 % mark . In fact , 37 % of respondents in our recent research recovered 75 % or less of their data . You should really have the majority at 100 %, as Microsoft 365 is mission-critical .”
Interestingly , MSPs may find significant challenges in educating their more digitally savvy clients on the topic of SaaS data protection . ESG found that organizations under 20 years old were more likely to believe that the SaaS vendor was responsible for their data — 44 % of organizations that had 20 years or fewer in business stated that the SaaS vendor was responsible versus only 21 % of organizations that had been in business for over 50 years . Thankfully , a worst-case scenario with SaaS
We ( i . e ., IT ) are solely responsible for protecting all of our organization ’ s SaaS-resident application data and use a third-party data protection solution or service
16 %
Source : ESG Brief , “ The Disconnect Between SaaS And Data Protection Is Not Going Away , August 2021 ”
Don ’ t know
35 %
We ( i . e ., IT ) solely rely on the SaaS vendor because they are responsible for protecting our organization ’ s SaaS-resident application data
51 %
( i . e ., we don ’ t do anything to protect We ( i . e ., IT ) are our SaaS-resident application data ) partially responsible for protecting our organization ’ s SaaS resident application data and rely on both the SaaS provider and a third-party data protection solution or service
Fast Facts About Christophe Bertrand
Christophe Bertrand is no stranger to the world of data , with nearly three decades of experience with companies such as Legato Systems ( now EMC ), VERITAS , Maxtor , Hitachi , DDN , and Arcserve . In his role as senior analyst at Enterprise Strategy Group ( ESG ), Bertrand helps clients create cohesive data protection strategies and is also instrumental in spearheading ESG ’ s data protection research .
data can be avoided for a client of any type with the help of an MSP partner who takes the time to truly understand the client ’ s data needs and uses key research and experience in the field to inform the customer about the best options for their needs .
And while the importance of SaaS data protection will continue to grow , Bertrand reminds MSPs not to set their sights on cloud-only environments . “ It ’ s a hybrid world ,” said Bertrand . “ Though SaaS is low-hanging fruit , data is everywhere . MSPs have an opportunity to help their clients build a coherent data protection plan across this hybrid environment . If I am looking for someone to take over my IT , they need to understand where the data truly lives .”
Data will continue to grow across multiple environments , and it ’ s important for MSPs to look for unified business continuity and disaster recovery ( BCDR ) solutions that allow them to view data across multiple environments from a single dashboard . This unified approach will save them time as they grow their SaaS data protection services for their clients .
When Assessing SaaS Data Protection Platforms , Cybersecurity And Recoverability Are Key .
While the average client of an MSP may not know much about SaaS data protection , it ’ s likely they are very aware of the threat of ransomware . After all , it ’ s hard to turn on the news without hearing about a new cyberattack . Since ransomware is an unfortunate reality , it ’ s critical that MSPs look for SaaS data protection solutions that include key features like dark web monitoring and predictive analytics . These can spot unusual patterns in data that are often a telltale sign of an attack . It ’ s also crucial that MSPs thoroughly test their chosen SaaS data protection platform to ensure they can successfully recover .
“ It ’ s about moving the bar up from BCDR to cyber recovery and cyber resilience ,” Bertrand said . “ It ’ s important to have a holistic view of data loss prevention .” n