After thirty-five years of enterprise digital transformation, the amount of data that’s around us today is unimaginable.

The shift towards data-intensive, cloud-based computing can best be seen through the dramatic rise of SaaS. Overall spend per company is up 50%, unique apps in use is up 30%, and 80% of enterprises now expect to meet over ¾ of their software needs with SaaS.

SaaS undeniably brings flexibility and responsiveness to modern businesses. But, it also presents a new challenge to a mainstay in security processes: backing up data.

SaaS Apps Back Up Their Platform—Not Your Data

Even seasoned IT professionals are often surprised to learn that SaaS platforms do not offer account-level data recovery. SaaS apps back up their entire platform, but that backup isn’t available to users. This means that businesses that rely heavily on SaaS applications are vulnerable to data loss. With SaaS, you don’t own the software, you rent it. Users are responsible for the data they create within SaaS apps.

This presents a challenge to the backup gold standard, known as the 3-2-1 rule—a best practice that aims to prevent data disasters. The 3-2-1 rule means 3 total copies of your data, on 2 different mediums, with 1 stored offsite. Cloud data is not an exception to this rule; in fact, information stored in cloud apps is often business-critical data such as financial transactions, customer history, orders, code repositories and IP, and more.

Since 2015, Rewind has been on a mission to help businesses protect their SaaS and cloud data. Today, over 100,000 customers in more than 100 countries have trusted Rewind’s top-reviewed apps to minimize any disruptions caused by data loss. “We offer backups with data storage in Europe, in Canada, and the United States. We’re already set to handle multi-region capability and make sure that we comply with any laws that we might need to comply with,” explains Mike Potter, co-founder and CEO of Rewind.

“Whether that be SOC 2 or ISO 27001, there are requirements as part of those certifications that you need to protect your data. We help companies comply with that by having a backup of the SaaS data they use to run their businesses,” adds Potter.

Backing up and then restoring SaaS data isn’t always easy. Unless you can quickly restore the data, your backup won’t help you in a crisis.

How Does Data Loss Happen in SaaS?

Remote work was greatly accelerated by the COVID-19 pandemic, however it represents many new security risks. Employees are now accessing sensitive data from their home networks, personal devices, and other unsecured sources. This results in a larger attack surface, and coupled with the lack of in-office support, may represent an increased security risk.

Third-party apps and software also represent a significant risk. 43% of data breaches involve a third-party web application.

But human error is still the leading cause of downtime, and a whopping 90% of data breaches involve “the human factor”. The good news is that with a little training and a few best practices, you can significantly reduce the risk of data loss within your organization.

Security Tips and Best Practices for 2021 and Beyond

Potter has guidelines for businesses looking to ways to secure their most valuable asset: their data.

1. Use unique passwords on all your devices. Never reuse passwords.
2. Use a password manager to create and store secure passwords for you.
3. Enable multi-factor authentication whenever possible. Avoid using SMS as your second factor of authentication.
4. Follow the principle of least privilege: restrict permissions of SaaS users to only what they need to do their job effectively. For example, your marketing team probably doesn’t need access to your bookkeeping software.
5. Vet any third-party apps that you give access to the data. Remember, “read and write” permissions means the app can read, alter, or delete your data, so be sure you trust any app before giving permission.
6. Use a VPN connection if you’re using public wi-fi networks.

“Now, even if you do all that, you need to make sure that in the off-chance that something happens, you have a backup of your data because it’s actually not protected by the SaaS platforms,” says Potter. A recent and complete backup allows a business that suffered a data loss to recover quickly and easily, as data can be restored with Rewind in minutes.

Rewind’s ultimate vision is to back up the entire cloud and expand the number of SaaS applications that they’re backing up. “Rewind currently offers solutions for ecommerce, accounting, development, and productivity tools, but we have plans to introduce many more over the coming months and years,” concludes Potter.