Over the past year, COVID-19 has transformed the way businesses operate, and though workplaces are now reopening as the pandemic winds down, we don’t foresee a wholesale rush to return to the office. Remote work is here to stay. And it has serious implications for data protection.

First, though, let’s get a clear picture of the situation. Despite initial worries and startup headaches, remote work has turned out to be a win-win situation for businesses and employees. The 2021 PwC Remote Work Survey found that 83% of employers and 71% of employees consider remote work a success. About one-third of staffers say they’re more productive than before the pandemic (significantly more than said they were less productive)  and more than half of executives agree that productivity has improved. 

It’s not all good news, though. 

Company culture suffers when everybody works from home all the time. Some 68% of executives believe that employees should work in the office at least three days a week to maintain a distinct company culture. Most employees also see the value of returning to the office to collaborate with team members and build relationships, but only part time, as they love the flexibility and comfort of working from home. Considering the pros and cons, many companies are likely to adopt a hybrid model that combines the best of in-office and remote work.

The challenges of digital transformation 

In either a fully remote or hybrid scenario, digital technology is essential, as businesses can no longer rely on local networks, onsite data storage, in-person meetings and paper documents. The Veeam 2021 Data Protection Report found 98% of organizations were in the process of undergoing or planning digital transformation, which is up sharply from 80% pre-COVID. About half the companies surveyed accelerated their transformation efforts to quickly provide remote workers with tools to work from home. But another 30% — notably those with less mature digital infrastructure in place — had to slow down their efforts to transform and instead focus on maintaining operations. 

Transformation hasn’t been easy. Half the organizations surveyed felt shackled by legacy systems and aging platforms that couldn’t meet the needs of employees working remotely. About the same proportion didn’t have the necessary IT skills and transformational expertise. Lack of management buy-in, time and money hindered the digitization process as well.

Businesses also had to consider the serious implications for backup and disaster recovery. Centralized IT departments suddenly had to support highly distributed teams working remotely. The need to make data and applications accessible on less-secure home networks and often-outdated computers made it harder for IT to protect company resources and easier for cybercriminals to break in. Cyberthreats, including ransomware, have proliferated in this environment.

Given the difficulties of maintaining on-premises IT operations, businesses have turned to the cloud and SaaS services. Shortly after the shutdowns began, 91% of businesses increased their use of cloud services for remote workers, according to the Veeam report. The trend is clearly going to continue. Asked about post-COVID plans, 60% said they will add more cloud services to their IT delivery strategy, and 48% said they would accelerate their use of SaaS services.

What this means for backup and DR

The growing adoption of cloud-based services and SaaS can improve access and performance for remote employees, a key advantage given current trends. But there are backup issues that need to be addressed to ensure that critical data is reliably available and protected. 

Many SaaS users mistakenly believe that the vendor backs up their data, but that isn’t the case. SaaS vendors generally operate under a shared responsibility model. They secure the service and infrastructure and make sure applications and data are available during a disaster. But protecting the data itself over the long term is the customer’s responsibility. 

Consider Microsoft 365, one of the most popular SaaS apps, which is increasingly being used for corporate collaboration among remote teammates. Generally, trashed items will remain in the recycle bin for 30 days, but after that, it is permanently deleted ( retention policies differ a bit by application). So, if an employee accidentally discards an important document that won’t be looked for till the next quarterly close, it’ll be gone forever. Or if authorities investigating a company demand a document that was deleted months ago, it won’t be accessible, and legal problems could result. 

Other scenarios can cause major headaches as well. What happens if you get into a dispute with the vendor over the contract and they’re the only ones with a backup of your data? What if there’s a major disaster and the provider’s data center — which houses the only copy of your data — is destroyed?

All these what-ifs underscore the urgent need to back up data if you’re using a SaaS/cloud model.

Be prepared

Fortunately, good point solutions exist for widely used apps such as Microsoft 365. OffsiteDataSync partners with Veeam to provide Microsoft 365 backup, which can protect data residing in Exchange Online, SharePoint Online, OneDrive for Business and Teams. It offers both long-term data protection and archival services.

There are several advantages to this product. Cloud-based backup ensures easy recovery, with flexible options for storing backups on premises, in the public cloud or with a cloud service provider. You can granularly restore email items, SharePoint sites and more, as well as OneDrive for Business accounts, files and folders. And everything is monitored and fully managed as a service by OffsiteDataSync

But point solutions don’t exist for all SaaS apps. If that applies to you, require the SaaS vendor to send along your data regularly. Even if you have to pay extra, it’s worth the cost. Be sure to protect endpoint data and make that an automated process. Left to their own devices, employees will not reliably back up their own data.

Product solutions are a good start, but sound strategies can add another layer of protection. Employ remote desktops so all data is behind the firewall and deploy endpoint backup solutions, which typically require an agent on every machine. Map each “My Documents” to OneDrive or some other cloud storage repository that you can easily back up.

Conclusion

The pandemic irrevocably changed the way businesses work. Legacy backup systems are no longer enough to protect SaaS apps and cloud-based systems — especially with the proliferation of increasingly sophisticated cyberthreats. IT needs to adapt to make sure data is protected across all environments. 

Want to learn more about how to protect your SaaS and remote worker data? Read our new e-book, Backup + Disaster Recovery Strategies for the New World of Work.

If you’d like to speak to an OffsiteDataSync data protection expert directly, contact us!