Ransomware and SaaS data: The Threat is Real

Here are measures organizations can take to ensure their data is secure and protected.

December 1, 2022

The modern enterprise runs on software, and today much of that software is delivered on a SaaS (software-as-a-service) basis from trusted SaaS providers, who invest a ton of money and resources into securing their infrastructure. However, the data is ultimately the customer’s responsibility, says Remy Claret, CMO and co-founder of Odaseva.

A recent survey shows that ransomware attacks frequently target and successfully attack SaaS data and that SaaS data is not nearly as well protected as on-premises or cloud data.

Today, most enterprises have moved many of their critical applications out of on-premises data centers and now rely on SaaS providers for the software they depend on, including CRM, office productivity suites, and even ERP. However, even though large organizations need these SaaS platforms and the data they contain to run even day-to-day operations, this data is still not nearly as well protected as on-premises data because many in IT still expect that the SaaS vendor will provide sufficient security protections.

Certainly, major SaaS providers dedicate major human and financial resources to ensuring that their infrastructure is secure. But under the shared responsibility model that nearly all SaaS vendors follow, while the provider makes sure that the infrastructure cannot be compromised, responsibility for the data belongs to the customer. If there’s a gap, that’s a huge vulnerability because opportunistic cybercriminals are following the data into SaaS services, coming up with increasingly sophisticated and effective means of targeting it.


Ransomware attacks go after SaaS data

A recent global survey of enterprise data decision-makers released by Odaseva found that 51% of respondents had experienced a ransomware attack that targeted their SaaS data, and 52% of these attacks were successful. Moreover, cybercriminals had more success encrypting SaaS data than they did endpoint, cloud, and on-premises data.

That’s bad enough. But even worse, only half of the organizations could recover all the data that a ransomware attack encrypted in a SaaS service, which was far fewer than could fully recover from a ransomware attack on data in other environments. For example, more than eight in 10 (81%) recovered fully from attacks on on-premises data. That’s not surprising, given that only 28% responded that they were “very confident” they could recover all their SaaS data after a successful ransomware attack and that only 43% said they were backing up all of their SaaS data. After all, if data isn’t backed up, it can’t be recovered.

Protecting against ransomware attacks on SaaS data

It’s not that IT professionals are lazy — backing up SaaS data is a complex and very different operation than protecting traditional, on-premises data, with the biggest difference, of course, being that IT has little control over the infrastructure in which their data lives. To access SaaS data, IT wholly depends on the provider’s APIs, which are a limited resource. Providers place hard caps on daily API calls to prevent a single customer from overusing them and degrading performance for others in their multi-tenant architectures. What’s more, there are many APIs to choose from, each with its special capabilities, advantages, and disadvantages. It’s a complex balancing act, but backing up SaaS data is an absolute requirement — it’s the last line of defense against ransomware attacks.

Regarding backup solutions for SaaS data, IT has three basic choices. They can try to develop a solution on their own, which provides a lot of control and flexibility; however, enterprise organizations are unlikely to have the in-house expertise required to build a reliable, secure SaaS backup solution that can meet their recovery point and time objectives. And even if an organization does have the expertise, it will not be easy to justify the time and expense if a market solution already exists.

Some market solutions are free but are typically designed for simple data structures that operate with low volumes. Plus, they rarely provide support and can be cumbersome to implement. A market SaaS backup solution from a vendor with specific SaaS platform expertise is usually the best option, providing strong protection while enabling internal resources to focus on other projects.

In addition to having a strong SaaS backup solution, IT should ensure they have secured access to SaaS data. As noted earlier, providers place a very high priority on security, so an attack on SaaS data is unlikely to occur by compromising the SaaS infrastructure. Instead, cybercriminals leverage compromised or stolen credentials, malware, or API leaks. Relying on a username and password alone for access sets up a single point of failure — best practice requires strong multi-factor authentication.

The threat of ransomware is real. Organizations must take it seriously and implement systems that protect their data from attack and create comprehensive backups that can be recovered on time if a ransomware attack is successful. The consequences of not doing so in a digital world that depends on SaaS applications can be catastrophic.


Remy Claret
Remy Claret is a Co-Founder and CMO at Odaseva. Remy has strong experience in enterprise software having spent 11+ years at Genesys, and 20 years in the IT industry at several product marketing and sales engineering positions in global tech companies. Remy is a creative thinker with a proven track record of crafting innovative marketing initiatives and launching and taking cloud-based products to market.